Commit graph

156 commits

Author SHA1 Message Date
Brady Wetherington 0eda53c484 Add a new custom validator for Users to prevent someone from managing themselves 2020-10-23 16:55:10 -07:00
snipe 2aa8e1e76b
Merge pull request #8596 from snipe/fixes/8462_move_accessory_notes
Fixes #8462 - move accessory notes into pivot table
2020-10-23 14:19:51 -07:00
snipe d03d4deef9 Temp fix for #8561 - manager_id validation error 2020-10-23 11:55:53 -07:00
snipe 88f03e6b55 Added last_checkout and notes from pivot for accessories 2020-10-23 00:44:26 -07:00
snipe 9c8ca6af21
Squashed commit of the following:
commit e321aeabae
Merge: 8ec99ff43 37568ae9e
Author: snipe <snipe@snipe.net>
Date:   Mon Aug 31 12:14:44 2020 -0700

    Merge branch 'master' into integrations/2020-08-31-v5-rc

    # Conflicts:
    #	.all-contributorsrc
    #	.nvmrc
    #	README.md
    #	app/Console/Commands/LdapSync.php
    #	app/Http/Controllers/Api/ConsumablesController.php
    #	app/Http/Controllers/Api/ImportController.php
    #	app/Http/Controllers/Assets/AssetsController.php
    #	app/Http/Controllers/Auth/LoginController.php
    #	app/Http/Controllers/CustomFieldsetsController.php
    #	app/Http/Controllers/LicensesController.php
    #	app/Http/Controllers/UsersController.php
    #	app/Importer/import_mappings.md
    #	app/Models/Ldap.php
    #	app/Models/Loggable.php
    #	composer.json
    #	composer.lock
    #	config/version.php
    #	public/css/build/all.css
    #	public/css/dist/all.css
    #	public/css/skins/skin-contrast.css
    #	public/css/skins/skin-contrast.css.map
    #	public/js/build/all.js
    #	public/js/build/vue.js
    #	public/js/build/vue.js.map
    #	public/js/dist/all.js
    #	public/mix-manifest.json
    #	resources/assets/js/components/importer/importer-file.vue
    #	resources/assets/less/overrides.less
    #	resources/macros/macros.php
    #	resources/views/custom_fields/fieldsets/view.blade.php
    #	resources/views/hardware/edit.blade.php
    #	resources/views/hardware/labels.blade.php
    #	resources/views/hardware/view.blade.php
    #	resources/views/layouts/default.blade.php
    #	resources/views/modals/model.blade.php
    #	resources/views/modals/user.blade.php
    #	resources/views/users/index.blade.php
    #	routes/api.php
    #	routes/web/fields.php
    #	tests/unit/UserTest.php

commit 37568ae9ec
Merge: 01a832169 32ad9050c
Author: snipe <snipe@snipe.net>
Date:   Tue Aug 25 20:49:37 2020 -0700

    Merge pull request #8365 from snipe/fixes/8338_google_maps_CSP

    Fixed #8338 - Added google maps to CSP

commit 32ad9050cf
Author: snipe <snipe@snipe.net>
Date:   Tue Aug 25 20:48:53 2020 -0700

    Added google maps to CSP

commit 01a832169c
Merge: bcad49ce7 3c6883489
Author: snipe <snipe@snipe.net>
Date:   Tue Aug 25 20:38:31 2020 -0700

    Merge pull request #8364 from snipe/fixes/8335_assigned_to_null_on_status_assetlist

    Fixed #8335 - added assignedTo scope on status labels API call for assetlist

commit 3c6883489c
Author: snipe <snipe@snipe.net>
Date:   Tue Aug 25 20:37:30 2020 -0700

    Added assignedTo scope

commit bcad49ce79
Author: snipe <snipe@snipe.net>
Date:   Fri Aug 14 16:10:22 2020 -0700

    Try to better handle slack “too many requests” issue

commit b5acca89d7
Author: snipe <snipe@snipe.net>
Date:   Fri Aug 14 16:02:15 2020 -0700

    Check for admin for slack notifications

commit e52919cf1b
Merge: 714576be4 29f3a5c48
Author: snipe <snipe@snipe.net>
Date:   Fri Aug 14 15:35:15 2020 -0700

    Merge pull request #8327 from snipe/features/checkin_license_from_all_users

    Checkin license from all users cli tool

commit 29f3a5c48f
Author: snipe <snipe@snipe.net>
Date:   Fri Aug 14 15:27:40 2020 -0700

    Use more verbose annotation for Auth::user if/else

commit 134e8e6fb9
Author: snipe <snipe@snipe.net>
Date:   Fri Aug 14 15:25:07 2020 -0700

    Moved user email nulling until after the save

commit 714576be45
Merge: b999c50a2 512899294
Author: Brady Wetherington <bwetherington@grokability.com>
Date:   Fri Aug 14 15:24:03 2020 -0700

    Merge pull request #8328 from snipe/fix_deprecation_report

    Fix deprecation report for customers with many active assets

commit 5128992940
Author: Brady Wetherington <uberbrady@gmail.com>
Date:   Fri Aug 14 15:03:03 2020 -0700

    Fix deprecation report for customers with many active assets

commit 0291323502
Author: snipe <snipe@snipe.net>
Date:   Fri Aug 14 14:57:58 2020 -0700

    Use the user as the target

commit e0f6f9b839
Author: snipe <snipe@snipe.net>
Date:   Fri Aug 14 14:43:37 2020 -0700

    Artisan command to check in licenses from all users

commit f1a6308002
Author: snipe <snipe@snipe.net>
Date:   Fri Aug 14 14:43:07 2020 -0700

    Check for Auth::user before trying to log id (for cli)

commit b999c50a2e
Merge: 9ca20e496 e3906b245
Author: snipe <snipe@snipe.net>
Date:   Wed Aug 12 12:37:47 2020 -0700

    Merge pull request #8316 from Godmartinz/bug/ch15028/missing-or-incorrect-error-message-translation

    Looks great, thank you!

commit e3906b245c
Author: Godfrey M <godmartinz@gmail.com>
Date:   Wed Aug 12 12:27:18 2020 -0700

    added translation for admin/licenses/message.not_found

commit 9ca20e4964
Merge: e0644dbbf 456a74d88
Author: Brady Wetherington <bwetherington@grokability.com>
Date:   Tue Aug 11 17:33:19 2020 -0700

    Merge pull request #8313 from snipe/improve_ldap_search_error_reporting

    Improve ldap search error reporting

commit 456a74d88c
Author: Brady Wetherington <uberbrady@gmail.com>
Date:   Tue Aug 11 16:41:20 2020 -0700

    De-merge out incorrectly merged files. Whoops!

commit 799c059070
Author: Brady Wetherington <uberbrady@gmail.com>
Date:   Tue Aug 11 16:21:18 2020 -0700

    Add internationalized version of LDAP error message

commit c62d43a778
Author: Brady Wetherington <uberbrady@gmail.com>
Date:   Mon Aug 10 17:04:17 2020 -0700

    Improve Exception management in Artisan LDAP Sync method. Still need to localize this better

commit b725bd0fae
Author: Brady Wetherington <uberbrady@gmail.com>
Date:   Mon Aug 10 17:23:04 2020 -0700

     Add @PeterUpfold as a contributor

commit e0644dbbf6
Merge: 5b6925b00 004ecad05
Author: Brady Wetherington <bwetherington@grokability.com>
Date:   Mon Aug 10 17:22:31 2020 -0700

    Merge pull request #8105 from PeterUpfold/PeterUpfold-7661workaround

    Propose workaround for #7661 — suppress E_DEPRECATED on ldap_control_paged_result()

commit 5b6925b00c
Author: snipe <snipe@snipe.net>
Date:   Tue Aug 4 21:00:37 2020 -0700

    Removed debugging :(

commit df17a859bf
Author: snipe <snipe@snipe.net>
Date:   Tue Aug 4 20:59:54 2020 -0700

    Changed modal IDs so manager creation modal works on user creation main page

commit 24c43056ba
Author: snipe <snipe@snipe.net>
Date:   Tue Aug 4 20:58:28 2020 -0700

    Moved pGenerator script to default layout footer

    This fixes an issue where the password generator wouldn’t load in a modal in Chrome

commit 606b7e905d
Author: snipe <snipe@snipe.net>
Date:   Fri Jul 31 17:02:33 2020 -0700

    Small edits to PR template

    Slight text changes to ask specifics about versions

commit d73ddad477
Author: snipe <snipe@snipe.net>
Date:   Fri Jul 31 16:59:26 2020 -0700

    Created a PR template

    First draft of the PR guidelines template

commit 9a39cf721e
Merge: 7410b1683 8994f3e15
Author: snipe <snipe@snipe.net>
Date:   Fri Jul 31 12:18:49 2020 -0700

    Merge pull request #8258 from ballertv/features/consumable-api

    This looks great, thank you!

commit 7410b16835
Merge: e955c983a b09e7d19b
Author: Brady Wetherington <bwetherington@grokability.com>
Date:   Fri Jul 24 16:22:44 2020 -0700

    Merge pull request #8270 from snipe/improve_ad_useraccountcontrol_v4

    Add new useraccountcontrol value for valid AD users

commit 8994f3e15e
Author: andres <andresgutierrez535@gmail.com>
Date:   Wed Jul 22 19:57:06 2020 -0400

    cleanup

commit d23f1a77ca
Author: andres <andresgutierrez535@gmail.com>
Date:   Wed Jul 22 18:46:02 2020 -0400

    implement checkout API

commit e955c983a3
Merge: 2fa17ac18 eed41e454
Author: snipe <snipe@snipe.net>
Date:   Wed Jul 22 13:43:29 2020 -0700

    Merge pull request #8250 from snipe/features/adds_addr_city_state_to_importer

    Added address, city, state and country to importer and city to bulk editor

commit b09e7d19b3
Author: Brady Wetherington <uberbrady@gmail.com>
Date:   Wed Jul 22 13:32:16 2020 -0700

    Add new useraccountcontrol value for valid AD users; document algorithm and values

commit 2fa17ac185
Merge: b90515437 3b1e46f72
Author: snipe <snipe@snipe.net>
Date:   Wed Jul 22 12:06:31 2020 -0700

    Merge pull request #8254 from Godmartinz/gmartinez_adds_email_formats

    Added firstinitial.lastname, lastname_firstinitial, firstnamelastname…

commit 3b1e46f72b
Author: Godfrey Martinez <47435081+Godmartinz@users.noreply.github.com>
Date:   Wed Jul 22 11:25:57 2020 -0700

    Update general.php

commit 0c1a1de2a2
Author: Godfrey Martinez <47435081+Godmartinz@users.noreply.github.com>
Date:   Wed Jul 22 11:24:36 2020 -0700

    Update general.php

    fixed typo

commit 20c9ae5818
Author: Godfrey M <godmartinz@gmail.com>
Date:   Wed Jul 22 10:21:19 2020 -0700

    Added firstinitial.lastname, lastname_firstinitial, firstnamelastname and firstnamelastinitial to username formats

commit eed41e4549
Author: snipe <snipe@snipe.net>
Date:   Tue Jul 21 16:57:32 2020 -0700

    Moved address down further, fixed broken HTML

commit b750f4754f
Author: snipe <snipe@snipe.net>
Date:   Tue Jul 21 16:49:54 2020 -0700

    Added city to bulk user importer

commit c17a06792a
Author: snipe <snipe@snipe.net>
Date:   Tue Jul 21 16:49:38 2020 -0700

    Added address, city, state, country to user importer

commit 4f76cc6cfb
Author: snipe <snipe@snipe.net>
Date:   Tue Jul 21 16:46:13 2020 -0700

    I don’t actually know what this file is for

commit b905154373
Author: snipe <snipe@snipe.net>
Date:   Mon Jul 20 14:29:32 2020 -0700

    Fixed #8247 - added notes field to user details display

commit daf748e531
Author: snipe <snipe@snipe.net>
Date:   Fri Jul 17 12:32:01 2020 -0700

    Bumped hash

commit 799a93c46a
Author: snipe <snipe@snipe.net>
Date:   Fri Jul 17 12:11:32 2020 -0700

    Allow for email/username search on users

commit 34aa12e229
Merge: 81a633288 897757bd0
Author: snipe <snipe@snipe.net>
Date:   Thu Jul 16 17:44:13 2020 -0700

    Merge pull request #8239 from snipe/fixes/api_rtd_to_location_on_create

    Set location_id to rtd_location_id on asset creation

commit 897757bd04
Author: snipe <snipe@snipe.net>
Date:   Thu Jul 16 17:43:44 2020 -0700

    Removed added line for location

commit c7125c3937
Author: snipe <snipe@snipe.net>
Date:   Thu Jul 16 16:34:39 2020 -0700

    Set location_id to rtd_location_id on asset creation

commit 81a6332889
Author: snipe <snipe@snipe.net>
Date:   Tue Jul 14 13:55:38 2020 -0700

    Removed license ID from seats table cookie info

    This typically wouldn’t be necessary, since most people would want to view the same *types* of data across licenses

commit 6e563f6e4b
Merge: 5320f5c67 7f69ae953
Author: snipe <snipe@snipe.net>
Date:   Mon Jul 13 21:16:54 2020 -0700

    Merge branch 'master' of https://github.com/snipe/snipe-it

commit 5320f5c67c
Author: snipe <snipe@snipe.net>
Date:   Mon Jul 13 21:16:45 2020 -0700

    Disallow non-super users from editing their own permissions

commit 7f69ae953b
Merge: c79f8c1ba 17f6fbabf
Author: snipe <snipe@snipe.net>
Date:   Mon Jul 13 21:16:00 2020 -0700

    Merge pull request #8227 from snipe/fix_select2_ajax_pulldowns

    Changes how we do AJAX calls via Select2 for dynamic drop-down menus

commit 17f6fbabfa
Author: Brady Wetherington <uberbrady@gmail.com>
Date:   Mon Jul 13 21:12:03 2020 -0700

    Switch to 'items' to maintain compatbility with other internal API's

commit c79f8c1baf
Merge: 12c92e30b 536401fe0
Author: snipe <snipe@snipe.net>
Date:   Mon Jul 13 17:42:16 2020 -0700

    Merge pull request #8207 from EDVLeer/patch-1

    Update snipeit.sh

commit e7a820f7c9
Author: Brady Wetherington <uberbrady@gmail.com>
Date:   Mon Jul 13 17:14:31 2020 -0700

    Changes how we do AJAX calls via Select2 for dynamic drop-down menus

commit 12c92e30b7
Author: snipe <snipe@snipe.net>
Date:   Fri Jul 10 16:21:27 2020 -0700

    Show whether or not the user was imported via LDAP in the view page

commit fd10b755b0
Author: snipe <snipe@snipe.net>
Date:   Fri Jul 10 11:30:01 2020 -0700

    Removed the sr-only tag in table headers

    It was breaking Bootstrap Tables column selector :(

commit dbbb7680d9
Author: snipe <snipe@snipe.net>
Date:   Thu Jul 9 21:12:50 2020 -0700

    A few more fixes for the cli

    Do not check out a piece of software if it’s already been checked out to the user

commit cf0dd5bbad
Author: snipe <snipe@snipe.net>
Date:   Thu Jul 9 20:43:13 2020 -0700

    Small fixes for cli tool

commit 25e53d8c7f
Merge: ec6ed256f 89d433b41
Author: snipe <snipe@snipe.net>
Date:   Thu Jul 9 20:27:01 2020 -0700

    Merge pull request #8216 from snipe/features/checkout_license_to_all_users

    Added CLI tool to checkout license to all users

commit 89d433b41a
Author: snipe <snipe@snipe.net>
Date:   Thu Jul 9 20:26:02 2020 -0700

    Removed duplicate seat call

commit e2570ada6f
Author: snipe <snipe@snipe.net>
Date:   Thu Jul 9 20:04:05 2020 -0700

    CLI tool to checkout a license to ALL users

commit 45afe725a1
Author: snipe <snipe@snipe.net>
Date:   Thu Jul 9 20:03:47 2020 -0700

    Only try to get the company if there is an auth’d user

    (Needed for command line tools, where no Auth::user() is present)

commit 536401fe0f
Author: EDVLeer <32170051+EDVLeer@users.noreply.github.com>
Date:   Tue Jul 7 08:21:36 2020 +0200

    Update snipeit.sh

    Ubuntu 20.04

commit ec6ed256fb
Author: snipe <snipe@snipe.net>
Date:   Mon Jul 6 18:45:43 2020 -0700

    Bumped minor version

commit 2aaa7bed2d
Merge: 339bdddc3 cc9f1577a
Author: snipe <snipe@snipe.net>
Date:   Thu Jun 25 18:37:41 2020 -0700

    Merge pull request #8183 from snipe/features/merge_users

    Added merge utility

commit cc9f1577a4
Author: snipe <snipe@snipe.net>
Date:   Thu Jun 25 17:43:53 2020 -0700

    Removed unused use directives

commit ab1fe8be0c
Author: snipe <snipe@snipe.net>
Date:   Thu Jun 25 17:42:39 2020 -0700

    Added merge utility

commit 339bdddc38
Author: snipe <snipe@snipe.net>
Date:   Thu Jun 25 11:00:33 2020 -0700

    Fix for Vue js not loading due to CSP :(

commit 35b9cf4b70
Author: snipe <snipe@snipe.net>
Date:   Tue Jun 23 02:41:59 2020 -0700

    Fixed missing db prefix on scopeDueOrOverdueForAudit

commit 7ccb41371e
Author: snipe <snipe@snipe.net>
Date:   Tue Jun 23 01:09:39 2020 -0700

    Removed unoptimized images directive

    securityheaders.com is claiming it’s onrecognized, even though I got that directive from their site, so… whatever. ¯\_(ツ)_/¯

commit 2e60a457bf
Author: snipe <snipe@snipe.net>
Date:   Tue Jun 23 01:07:00 2020 -0700

    Dumb fix for feature-policy being dumb.

commit 2390d2160b
Merge: b42801f6a 00b051b8c
Author: snipe <snipe@snipe.net>
Date:   Tue Jun 23 00:27:47 2020 -0700

    Merge pull request #8164 from snipe/features/additional_security_headers

    Additional security headers

commit 00b051b8c7
Author: snipe <snipe@snipe.net>
Date:   Tue Jun 23 00:26:09 2020 -0700

    Added a few more comments

commit 05b3a9ad7e
Author: snipe <snipe@snipe.net>
Date:   Mon Jun 22 23:17:27 2020 -0700

    Config variable for HSTS

commit 4fb880384f
Author: snipe <snipe@snipe.net>
Date:   Mon Jun 22 22:37:14 2020 -0700

    Changed comment

commit 43042ad841
Author: snipe <snipe@snipe.net>
Date:   Mon Jun 22 22:35:59 2020 -0700

    Consolidated ReferrerPolicy into new SecurityHeaders file

commit a716382ac4
Author: snipe <snipe@snipe.net>
Date:   Mon Jun 22 22:33:37 2020 -0700

    Removed CSP middleware (it’s added in the general header)

commit 36c8f7f4f1
Author: snipe <snipe@snipe.net>
Date:   Mon Jun 22 22:31:01 2020 -0700

    Additional security headers

commit b42801f6ae
Merge: de4934f21 946129f20
Author: snipe <snipe@snipe.net>
Date:   Mon Jun 22 20:47:35 2020 -0700

    Merge pull request #8163 from snipe/fixes/fix-for-css-on-column-selector

    Fixed weird padlock display in asset listing with encrypted custom fields

commit 946129f206
Author: snipe <snipe@snipe.net>
Date:   Mon Jun 22 20:45:20 2020 -0700

    Made quote style consistent

commit b941ef1e08
Author: snipe <snipe@snipe.net>
Date:   Mon Jun 22 20:41:40 2020 -0700

    Pulled CSS font awesome styles out of the blade and into overrides.css

commit d1aa11ec89
Author: snipe <snipe@snipe.net>
Date:   Mon Jun 22 20:29:19 2020 -0700

    Fix for weird padlock display in asset listing with encrypted custom fields

commit de4934f21d
Merge: af06e4205 b10076b01
Author: snipe <snipe@snipe.net>
Date:   Mon Jun 22 17:28:38 2020 -0700

    Merge pull request #8162 from Godmartinz/godfreymartinez-ghi-font-size-of-qr_text

    Fixed #8161 and #8114 - font-size for labels used static values in blade instead of using values from settings

commit b10076b015
Author: Godfrey M <godmartinz@gmail.com>
Date:   Mon Jun 22 17:04:39 2020 -0700

    corrected an error where font-size for labels were static in settings.

commit af06e42056
Author: snipe <snipe@snipe.net>
Date:   Wed Jun 17 11:17:25 2020 -0700

    Bumped version

commit 9a2440dc4b
Merge: beae8efb2 2ac1c1636
Author: snipe <snipe@snipe.net>
Date:   Tue Jun 16 20:20:07 2020 -0700

    Merge pull request #8141 from snipe/fixes/better_handling_when_license_is_invalid

    Better handle the logic to determine if we should display the license checkout blade [ch13792]

commit 2ac1c1636c
Author: snipe <snipe@snipe.net>
Date:   Tue Jun 16 16:12:57 2020 -0700

    Better handle the logic to determine if we should display the license checkout blade

commit 004ecad059
Author: Peter Upfold <pgithub@upfold.org.uk>
Date:   Wed Jun 3 08:59:50 2020 +0100

    Force suppress deprecation warning on ldap_control_paged_result()

commit beae8efb21
Merge: d14ab7e3e 9839e5e56
Author: snipe <snipe@snipe.net>
Date:   Wed May 27 23:01:33 2020 -0700

    Merge pull request #8088 from Godmartinz/Label_Woes

    Barcode resizing and text adjustment

commit 9839e5e566
Author: Godfrey M <godmartinz@gmail.com>
Date:   Wed May 27 12:27:40 2020 -0700

    adjusted for all label text, removed local variable

commit d14ab7e3e1
Author: snipe <snipe@snipe.net>
Date:   Wed May 27 00:22:44 2020 -0700

    Porting change from #8053 to master

    Signed-off-by: snipe <snipe@snipe.net>

commit e7f74d94c1
Author: Godfrey M <godmartinz@gmail.com>
Date:   Tue May 26 17:22:45 2020 -0700

    Label_Woes

commit e97cf011b6
Author: Godfrey M <godmartinz@gmail.com>
Date:   Tue May 26 17:15:39 2020 -0700

    Label_Woes

commit ed23505054
Author: Godfrey M <godmartinz@gmail.com>
Date:   Tue May 26 17:10:45 2020 -0700

    Label_Woes

commit 001e721530
Merge: f88683766 8210da6e8
Author: snipe <snipe@snipe.net>
Date:   Wed May 20 10:21:52 2020 -0700

    Merge pull request #8063 from dmeltzer/backport-8092

    BACKPORT: Fix Missing Category selection in Asset Model Modal dialog - [ch14635]

commit 8210da6e82
Author: Daniel Meltzer <dmeltzer.devel@gmail.com>
Date:   Wed May 20 10:29:27 2020 -0400

    Fix Missing Category selection in Asset Model Modal dialog.

    A select html tag needs a full closing tag. is not valid. This was causing the select2 js to barf and eat additional information.

commit f88683766b
Author: snipe <snipe@snipe.net>
Date:   Thu May 14 00:55:47 2020 -0700

    Roll back previous change

    Signed-off-by: snipe <snipe@snipe.net>

commit e4385c0f8c
Author: snipe <snipe@snipe.net>
Date:   Thu May 14 00:48:30 2020 -0700

    Fixes #8051 regression

    Signed-off-by: snipe <snipe@snipe.net>

commit 0550fe0ffa
Author: snipe <snipe@snipe.net>
Date:   Tue May 12 10:31:54 2020 -0700

    Fix for session fixation vulnerability

    Signed-off-by: snipe <snipe@snipe.net>

commit 7fb3a9b82c
Merge: 9a2ed804c ecb1e87fe
Author: snipe <snipe@snipe.net>
Date:   Mon May 11 22:41:36 2020 -0700

    Merge pull request #8043 from snipe/features/backup-optional-in-import-and-ldap

    Added option to disable backup in import

commit ecb1e87fe6
Author: snipe <snipe@snipe.net>
Date:   Mon May 11 20:45:15 2020 -0700

    Updated assets

    Signed-off-by: snipe <snipe@snipe.net>

commit f43df5f041
Author: snipe <snipe@snipe.net>
Date:   Mon May 11 20:44:46 2020 -0700

    Fixed form label

    Signed-off-by: snipe <snipe@snipe.net>

commit 95cc48e422
Author: snipe <snipe@snipe.net>
Date:   Mon May 11 20:41:10 2020 -0700

    Added option to disable backup in import

    Signed-off-by: snipe <snipe@snipe.net>

commit 9a2ed804ca
Author: snipe <snipe@snipe.net>
Date:   Mon May 11 20:28:42 2020 -0700

    Fixed mismatched HTML header tags

    Signed-off-by: snipe <snipe@snipe.net>

commit d20fad28e5
Author: snipe <snipe@snipe.net>
Date:   Mon May 11 20:28:24 2020 -0700

    Use more modern request helper

    Signed-off-by: snipe <snipe@snipe.net>

commit ae813ddf75
Author: snipe <snipe@snipe.net>
Date:   Mon May 11 18:11:16 2020 -0700

    Add @alek13 as a contributor

commit bb42109c0c
Author: snipe <snipe@snipe.net>
Date:   Mon May 11 18:10:45 2020 -0700

    Added a clarifying comment

    Signed-off-by: snipe <snipe@snipe.net>

commit f46ecf8ec0
Author: snipe <snipe@snipe.net>
Date:   Mon May 11 18:07:20 2020 -0700

    Updated composer lock

    Signed-off-by: snipe <snipe@snipe.net>

commit b9e821c0e6
Author: snipe <snipe@snipe.net>
Date:   Mon May 11 18:07:14 2020 -0700

    Small fix for Group Functional Tests

    Signed-off-by: snipe <snipe@snipe.net>

commit 9ee28c7513
Author: snipe <snipe@snipe.net>
Date:   Mon May 11 18:07:02 2020 -0700

    Switched to use info instead of danger on undeployable statuses

    Signed-off-by: snipe <snipe@snipe.net>

commit 1a8ba06702
Merge: 0fd232e70 ee4d69b1c
Author: snipe <snipe@snipe.net>
Date:   Mon May 11 17:53:32 2020 -0700

    Merge branch 'master' of https://github.com/snipe/snipe-it

commit 0fd232e70d
Author: snipe <snipe@snipe.net>
Date:   Mon May 11 17:53:24 2020 -0700

    Fixed group functional test

    (We had changed the minimum to 2 instead of 3)

    Signed-off-by: snipe <snipe@snipe.net>

commit ee4d69b1c5
Merge: 31c535094 d1ad11194
Author: snipe <snipe@snipe.net>
Date:   Mon May 11 17:52:45 2020 -0700

    Merge pull request #8041 from alek13/patch-1

    use supported package for slack

commit d1ad111949
Author: Alexander Chibrikin <alek13.me@gmail.com>
Date:   Mon May 11 20:31:13 2020 +0300

    use supported package for slack

    see https://github.com/maknz/slack/issues/94

commit 31c5350941
Author: snipe <snipe@snipe.net>
Date:   Fri May 1 01:05:48 2020 -0700

    Fixed incorrect route for groups edit

    Signed-off-by: snipe <snipe@snipe.net>

commit 7eb70e17e0
Merge: 5bb4f271a 3dfcb4699
Author: snipe <snipe@snipe.net>
Date:   Fri Apr 24 04:50:37 2020 -0700

    Merge pull request #7993 from snipe/fixes/7989_column_selector

    Fixed #7989 - Converted table heading icons in People to CSS glyphs

commit 3dfcb46991
Author: snipe <snipe@snipe.net>
Date:   Fri Apr 24 04:41:08 2020 -0700

    Minor formatting changes

    Signed-off-by: snipe <snipe@snipe.net>

commit 96eb96f964
Author: snipe <snipe@snipe.net>
Date:   Fri Apr 24 04:27:00 2020 -0700

    Removed stray val (typo)

    Signed-off-by: snipe <snipe@snipe.net>

commit a2f08bd3ba
Author: snipe <snipe@snipe.net>
Date:   Fri Apr 24 04:08:54 2020 -0700

    Added comments

    Signed-off-by: snipe <snipe@snipe.net>

commit e009fbe59f
Author: snipe <snipe@snipe.net>
Date:   Fri Apr 24 04:04:53 2020 -0700

    Converted table heading icons in People to CSS glyphs

    Signed-off-by: snipe <snipe@snipe.net>

commit 5bb4f271aa
Author: snipe <snipe@snipe.net>
Date:   Fri Apr 24 00:47:19 2020 -0700

    Fixed #7987 - allow toggle of required/optional in custom fields/fieldsets

    Signed-off-by: snipe <snipe@snipe.net>
2020-08-31 12:17:19 -07:00
snipe fa5134603f
Added type casting and a few more validation rules
Signed-off-by: snipe <snipe@snipe.net>
2020-04-22 06:37:40 -07:00
snipe c02adace61
Ensure at the model level that location.id/user.id and location.parent_id/user.manager_id cannot be the same 2020-04-21 19:51:20 -07:00
snipe 8127fdc5bc Min password requirement set to 8 characters 2019-11-18 21:17:51 -08:00
snipe 5290c47e2a Merge branch 'develop' into v5-master-develop-integration
# Conflicts:
#	.env.example
#	.travis.yml
#	Dockerfile
#	README.md
#	app/Console/Commands/LdapSync.php
#	app/Console/Kernel.php
#	app/Http/Controllers/AccessoriesController.php
#	app/Http/Controllers/Api/AccessoriesController.php
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/Api/LocationsController.php
#	app/Http/Controllers/Api/SettingsController.php
#	app/Http/Controllers/Api/UsersController.php
#	app/Http/Controllers/AssetModelsController.php
#	app/Http/Controllers/Assets/AssetFilesController.php
#	app/Http/Controllers/Assets/AssetsController.php
#	app/Http/Controllers/CategoriesController.php
#	app/Http/Controllers/CompaniesController.php
#	app/Http/Controllers/ComponentsController.php
#	app/Http/Controllers/ConsumablesController.php
#	app/Http/Controllers/DepartmentsController.php
#	app/Http/Controllers/LicensesController.php
#	app/Http/Controllers/LocationsController.php
#	app/Http/Controllers/ManufacturersController.php
#	app/Http/Controllers/ReportsController.php
#	app/Http/Controllers/SettingsController.php
#	app/Http/Controllers/SuppliersController.php
#	app/Http/Controllers/UsersController.php
#	app/Http/Middleware/EncryptCookies.php
#	app/Http/Requests/AssetRequest.php
#	app/Http/Transformers/AssetMaintenancesTransformer.php
#	app/Importer/AssetImporter.php
#	app/Models/AssetMaintenance.php
#	app/Models/Location.php
#	app/Models/User.php
#	composer.json
#	composer.lock
#	config/backup.php
#	config/database.php
#	config/version.php
#	public/mix-manifest.json
#	resources/lang/en-ID/general.php
#	resources/lang/vi/admin/settings/general.php
#	resources/views/accessories/edit.blade.php
#	resources/views/hardware/view.blade.php
#	resources/views/layouts/default.blade.php
#	tests/api/ApiCategoriesCest.php
2019-11-18 19:49:39 -08:00
snipe 441ae69f5c
Integrations/develop into master (#7352)
* Fixes #6204 - added email alerts and web/API access to assets due for audits (#6992)

* Added upcoming audit report

TODO: Fid diff/threshold math

* Added route to list overdue / upcoming assets via API

* Controller/API methods for due/overdue audits

We could probably skip this and just handle it via view in the routes…

* Added query scopes for due and overdue audits

* Added audit due console command to kernel

* Added ability to pass audit specs to main API asset search method

* Added audit presenter

* Added bootstrap-tables presenter formatter to display an audit button

* Added gated sidenav items to left nav

* Added audit due/overdue blades

* Cleanup on audit due/overdue console command

* Added language strings for audit views

* Fixed :threshold placeholder

* Removed unused setting variable

* Fixed next audit date math

* Added scope for both overdue and upcoming

* Derp. Wrong version

* Bumped version

(I will release this version officially tomorrow)

* Leave the activated state for users alone in normal LDAP synchronisation. (#6988)

* Fixed #7003 - crash when warranty months or purchase date is null

* Fixed #6956 - viewKeys policy inconsistent  (#7009)

* Fixed #6956 - Added additional gates show showing/hiding license keys

* Modified gate to allow user to see licenses if they can create or edit the license as well

* Added API middleware to API routes to enable throttling

TODO: Figure out how to make this costumizable without touching the code

* Import locations from CSV via command line (#7021)

* Added import locations command

* Small fixes to location importer

* Added country, LDAP OU

* Cleaned up comments, added more clarification to what the script does

* Added ability to update groups via API

Fixes [ch9139]

* Bumped version

* Fixed #6883 - remove escaping of fields on LDAP import

* Fixed #6880 - correctly encrypt encrypted fields via the API

* Fixes #5054: LDAP users deactivated for none-ad (#7032)

When using none-AD ldap, users are automatically deactivated every LDAP
sync.  This commit changes the behaviour so that if the active flag isn't set,
the users are enabled.

Fixed #5054, at least for 4.X

* Updated packages

  - Updating erusev/parsedown (v1.7.2 => 1.7.3): Downloading (100%)
  - Updating squizlabs/php_codesniffer (3.4.1 => 3.4.2): Downloading (100%)
  - Updating symfony/polyfill-mbstring (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/var-dumper (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating league/flysystem (1.0.50 => 1.0.51): Downloading (100%)
  - Updating symfony/translation (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating nesbot/carbon (1.36.2 => 1.37.1): Downloading (100%)
  - Updating symfony/debug (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/console (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/finder (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/polyfill-ctype (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/polyfill-php70 (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/http-foundation (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/event-dispatcher (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/http-kernel (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/process (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/routing (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/polyfill-util (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/polyfill-php56 (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/psr-http-message-bridge (v1.1.1 => v1.1.2): Downloading (failed)
Downloading (100%)
  - Updating rollbar/rollbar (v1.7.5 => v1.8.1): Downloading (100%)
  - Updating symfony/yaml (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/browser-kit (v3.4.23 => v3.4.27): Downloading (100%)

* Fixed #7044 - API update deleted custom fields if they are not re-presented

* Fixed XSS vulnerability when creating a new categories, etc via modal on create

Same fix as before, because of the weird select2 post-parsing ajax behavior

* Updated email strings

* Fixed #7046 - added user website url back into UI

* Updated language strings

* Bumped version

* Updated packages

* New backups config for spatie

* Removed debugbar service provider (autodiscovery)

* Use laravel v5.5 withCount manual aliases

* Added spatie language files

* Removed old laravel backups config

This config file was renamed in a newer version of spatie laravel-backup

* Set the serialization

* Added the command loader to console kernel

* Renamed fire() to handle()

* Updated withCount to use manual naming

* Updated backup path in backup admin

* Updated travis with new php versions

* Bumped laravel version in readme

* Fixed custom field edit screen

* Fixed baseUrl is undefined error

I literally cannot figure out how this ever worked before.

* Fix for included files in backup

* Bumped version

* Switch has() to filled()

* Change ->has() to ->filled()

* Removed cosole log

* Bumped packages

* Use getReader instead of fetchAssoc for CSV parser

https://csv.thephpleague.com/9.0/upgrading/

* Handle JSON validation errors like 5.4

* Handle JSON validation errors like 5.4

* Handle JSON validation errors like 5.4

* Trying to fix ajax asset validation

This I think gets us closer, but still not handling the validation on the asset properly.

When I do a print_r of the validation in the other items, its looking for an error bag that looks something like this:

```
Illuminate\Support\MessageBag Object
(
    [messages:protected] => Array
        (
            [name] => Array
                (
                    [0] => The name field is required.
                )

            [seats] => Array
                (
                    [0] => The seats field is required.
                )

            [category_id] => Array
                (
                    [0] => The category id field is required.
                )

        )

    [format:protected] => :message
)
```

Currently the Assets ajax returns:

```
[2019-05-24 06:52:06] develop.ERROR: array (
  'messages' =>
  array (
    'model_id' =>
    array (
      0 => 'The model id field is required.',
    ),
    'status_id' =>
    array (
      0 => 'The status id field is required.',
    ),
    'asset_tag' =>
    array (
      0 => 'The asset tag field is required.',
    ),
  ),
)
```

So not sure why it’s not working.

* Fixed missing asset validation

* Check that a model exists before trying to fiddle with fieldsets

* Tidied up license check

* Removed extra escaping on checkin

* Updated importer to work with newer CSV Reader::getRecords() method

* Fixed field mapping

* Small fix for reordering fields

Fixes Illuminate\Database\QueryException: SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'order' cannot be null (SQL: insert into `custom_field_custom_fieldset` (`custom_field_id`, `custom_fieldset_id`, `order`, `required`) values (12, 7, , 0)) [ch1151]

This needs revisiting for a more solid fix, especially for data that was already entered bad.

* Fixed bug where sorting by company name in Users API did not work

Fixes [ch9200]

* Removed custom fields from AssignedSearch to prevent confusing data in selectlist

Fixes [ch9193]

* Removed alert-danger from tests

* Fixed missed consumables_count withCount() statement

* Fixed Undefined variable user in $backto if checked out to a non-user

Fixes [ch9194]

* Check for valid model before attempting to access fieldsets

Fixes [ch1249]

* Only build the log upload destination path if there is a matching record

Fixes [ch1232]

* Fixed free_seats_count variable name

(I forgot that Laravel switched camel case to snake case for their old 5.4 withCount variables)

* Only gtry to delete the file if a record is found in the log

* Only try to get fieldset if model is valid

* Fixed more camel-casing -> snake-casing

* Only display the file if the log record can be found

* Fixed casing in sync command

* Updated README

* Derp - typo

* Added link to Atlassian plugin

* More Atlassian clarifications

* Show accessory image on view page

* Increased image size to 800px, added lightboxes

* Fixed #7083 - Removed user_exists constraint on department save

If the user has been deleted, this prevented the department from being successfully saved on edit

* Updated branch in version file

* Dockerfile update to bring us up to php v7.1 for Laravel 5.5 (#7084)

* bump up to php7.1

& change deprecated MAINTAINER to a LABEL so it is visible with `docker inspect`

* AND modapache ><

* 2 updates required to get software-properties+ppa

* Bumped version

* Bumped release again :(

* Missed one

* Fixed #7098 - updated backup config for deleteFile() method

* Fixed #7092 -  handle weird port forwarding/port numbers for baseUrl

* Bumped version

* Fixed #7099 - set email to null by default for backup notifications

* Removed old comments

* Fixed #7100 - Check if $user isset on checkin

* Increased throttle to 120 requests per minute

* Added Filipino, corrected order for Spanish variations

* Update language strings

* Bumped hash

* Changed has to filled to fix bulk asset editing

* Bumped point version

* Small fixes for phpleague CSB reader v9

* Improved error checking in locations importer

* Fixed #7145 - rename groups table to permissions_group for mysql 8 reserved word compatibility

* Reduce minimum group name length to 2 (from 3)

eg: IT

* Back in time fix FOR #7145 for new installs on MySQL 8+

* Fixed permission insert

//TODO

Handle this via model

* Possible fix for reporting/admin migration back in time

* Fixed #7164 - change table name to permission_groups

* Fixed LDAP password blanking on save

* fixing previous commit's actual wiping of password (#7183)

replaced Input::fille('ldap_pword') with _filled_.   Should be good to go.  

https://github.com/snipe/snipe-it/issues/7179

https://github.com/snipe/snipe-it/issues/7169

* Bumped version

* Downgrading rollbar for Laravel 5.5

* Spelling Correction (#7206)

Fixed Spelling for the word reqrite, to be rewrite.

* Fix #6910: Add logic to manipulate the eloquent query. (#7006)

* Added company_id to consumables_users table

* Added logic to manage when a pivot table doesn't have the column company_id trough a join with users

* Remove a migration that tries to fix this problem, but is not longer necessary

* Addresses #7238 - add PWA code to layout

Needs additional UX testing

* Better log message for bad LDAP connection

* Fixed #7186 - has vs filled in User’s API blanking out groups if no group_ids are passed

* Comment clarification on #7186

* Check for valid seat on hardware view

* Added space between footer and custom message

* Cap warranty months to three characters

Filles rollbar 209

* Cap warranty months to 3 on the frontend blade

* Fixed countable() strings on user destroy

* Check that the user has assets and that the aset model is valid

* Bumped hash

* Caps asset warranty to 20 years

* Command to fix custom field unicode conversion differences between PHP versions (#7263)

* Fixes #7252 form request changes (#7272)

* Fixes for #7252 - custom fields not validating / no validaton messages in API w/form requests

* Removed debug info

* More fixes for #7252

This is mostly working as intended, if not yet the way Laravel wants us to do it.

Right now, the API returns correctly, and the form UI will return highlighted errors, with the input filled in ~sometimes~. I’m not sure why it’s only sometimes yet, but this is potentially progress.

* Removed experimental method

* Check for digits_between:0,240 for warranty

* Removed debug code

* Apply fix from PR #7273 to master

* Bumped hash

* Fixed #7250 - permission issue for API fieldsets and fields endpoints

This applies the change from #7294 to master

* Add @mskrip as a contributor

* Fixed #7270 - Checking-in Assets via API Removes the Item's Asset Name

* CORS for api (#7292)

* Added CORS support to API

* Changed order so CORS will still work if throttle hit

* Added APP_CORS_ALLOWED_ORIGINS env option

* Fixed typo

* Clarified header comments

* More clarification

* DIsable CORS allowed origins by default to replicate existing behavior

* Change variable name to be clearer

* Bumped version

* Added condition to deal with fieldname 'rtd_location' which can be tried to be queried in some places and doesn't exist in database (#7317)

* Added comments to the ByFilter query scope for clarity

* Added accessories checkout/checkin API endpoint

* Fixed CVE-2019-10742

https://nvd.nist.gov/vuln/detail/CVE-2019-10742

* Update README.md (#7334)

Add reference to CSV importer.

* Group related variables in .env

* History importer fixes

* Fixes to history importer
2019-08-14 21:48:14 -07:00
snipe a85251aa83 Fixed #7164 - change table name to permission_groups 2019-06-14 10:37:20 -07:00
snipe c5a23e8f5e Fixed bug where sorting by company name in Users API did not work
Fixes [ch9200]
2019-05-24 13:37:20 -07:00
snipe b2eacb147b Fixed #7046 - added user website url back into UI 2019-05-21 18:55:12 -07:00
snipe fe553aec02 Added first-initial dot lastname format for usernames/email
Fixed [ch1379]
2019-04-02 18:21:54 -07:00
snipe bca82684a1 Merge branch 'hotfixes/2fa_qr' into develop
# Conflicts:
#	.all-contributorsrc
#	Dockerfile
#	README.md
#	app/Console/Commands/LdapSync.php
#	app/Http/Controllers/Api/ImportController.php
#	app/Http/Controllers/AssetModelsController.php
#	app/Http/Controllers/Assets/AssetsController.php
#	app/Http/Controllers/Auth/LoginController.php
#	app/Http/Controllers/CategoriesController.php
#	app/Http/Controllers/CompaniesController.php
#	app/Http/Controllers/DepartmentsController.php
#	app/Http/Controllers/ImportsController.php
#	app/Http/Controllers/LocationsController.php
#	app/Http/Controllers/ManufacturersController.php
#	app/Http/Controllers/SuppliersController.php
#	app/Http/Requests/ItemImportRequest.php
#	app/Http/Transformers/ActionlogsTransformer.php
#	composer.json
#	composer.lock
#	config/app.php
#	config/version.php
#	docker/startup.sh
#	public/css/build/all.css
#	public/css/dist/all.css
#	public/js/build/all.js
#	public/js/build/vue.js
#	public/js/build/vue.js.map
#	public/js/dist/all.js
#	public/mix-manifest.json
2019-03-20 02:17:02 -07:00
snipe 0e1289f12f
Fixes #6821 - fixed 2 fa active for users list (#6822)
* Fixed #6821 - confusing UI for 2FA when 2FA is universally enforced

I also updated the language in the user’s listing table to clarify what “activated” means

* Added login enabled info to user view

* Clarified comments

* Added info about 2FA on user profile

Because why not

* Added nowrap to table, and added 2FA reset for superadmins
2019-03-18 11:59:02 -07:00
Martin Meredith e3e0d57f56 Minor code cleanup bits and bobs (#6805)
* Add IDE Helper files

* Cleanup imports

- Alphabetises imports
- Removes unused imports

* Add Platform requirements

* Move filling asset into block where asset exists

* Remove duplicate array keys
2019-03-13 20:12:03 -07:00
snipe 28a450ea25
Added ability to do full name search in user dropdown selectlist (#6784) 2019-03-05 21:13:39 -08:00
snipe 6696685d0b Merge branch 'fixes/full_name_search_user_selectlist' into develop
# Conflicts:
#	app/Http/Controllers/Api/UsersController.php
#	routes/api.php
2019-03-05 20:57:10 -08:00
snipe f065bd7784 Added ability to do full name search in user dropdown selectlist 2019-03-05 20:40:05 -08:00
snipe 1e1d32dc85 Make user notes field editable via API 2019-02-13 01:32:00 -08:00
snipe f88fee0f21 Make user notes field editable via API 2019-02-12 23:58:30 -08:00
snipe da34b82b3e Do not count deleted locations in managedLocation check on user delete 2019-02-12 23:33:01 -08:00
snipe 5e19178a30 Do not count deleted locations in managedLocation check on user delete 2019-02-12 23:32:10 -08:00
snipe d1fe7abb18 Replaced custom deleted query scopes with onlyTrashed() 2019-01-24 14:47:44 -08:00
snipe 39bca49e8f Specify table name in deleted user display 2019-01-24 14:38:18 -08:00
snipe b8269020ae Specify table name in deleted user display 2019-01-24 14:37:39 -08:00
snipe ffc51d6db6 Specify table name in deleted user display 2019-01-24 14:33:54 -08:00
Ivan Nieto 3fa5976315 Language of mail doesn't show as intended by the settings. [ch87] (#6619)
* Fixes #5554. Language of mail doesn't show as intended by the settings.
2019-01-22 14:02:08 -08:00
snipe fb502df089 Fixed dumb code indenting 2018-12-05 18:36:39 -08:00
snipe f6c0e7cc9c Fixed #6464 - added company name to searchable field in user search 2018-12-05 17:20:22 -08:00
snipe 8937edb97e Better validation for manager_id 2018-10-03 00:26:51 -07:00
snipe afac0bc441 Removed old isActive model (unused) 2018-09-26 19:05:42 -07:00
nix f85e3edfc7 fixed checking permissions for users with no permissions set (#6229)
When a user has no permissions set (=NULL) in the database (like after an
LDAP import) but is a member of a group with permissions, those group
permissions would not have be applied, effectively denying every access
regardless of group permissions.
2018-09-25 13:24:50 -07:00
snipe 2c38036123
Improvement: Better documentation, small refactors (#6017)
* Better documentation, small refactors

* Small comment fixes
2018-08-01 00:06:41 -07:00
snipe 7a9a78ec53 Make Codacy happy by reversing the signature params 2018-07-25 07:14:16 -07:00
snipe b2968ea6c6 Fixed paths to Aurhorizable/Authenticatable contracts 2018-07-24 21:29:08 -07:00
Daniel Meltzer cf03d25934 Fix importer emailformat (#5871)
* Fix Importer emailformat

Str::slug() strips periods from the string, which caused our existing
logic to misbehave when generating a user's email on an import.  Adjust
logic to use generateEmail() helper on user instead.  Also clean up some
of the logic in this method.

* Remove dead code.

* More refactor/cleanup of the user create method.  I think it is almost readable now.
2018-07-17 16:46:08 -07:00
Till Deeke b5de5ac19c Fix: Searching for multiple terms on assets (#5860)
* Give advancedTextSearch all search terms at one

The additional conditions for assets had some problems, since they were joining tables for the additional attributes. The method was called once for every search term, so the join was added multiple times if the user entered multiple search terms.

* Allows search to handle multiple search terms better

The search now better handles multiple search terms, adding additional orWhere clauses, instead of duplicating all queries.

* Fixing typo
2018-07-16 17:44:31 -07:00
Till Deeke baa3be728d Refactoring: A nicer and easier syntax for searching models (#5841)
* Adds the ability to search by dates

Adding extra „where“-conditions to the „TextSearch“ queries, allowing the users to search by dates

* Adds missing dates to $dates in models

* Removes duplicated „where“ conditions

* Adds the Searchable trait to models, defining the searchable attributes and relations

* Removes the old text search methods

* Adds back additional conditions to the search

These conditions could not be modeled in the „attributes“ or „relations“, so we include them here

* Removes unnecessary check for the deleted_at attribute

* Fixes typo in comments

* suppresses errors from Codacy

We can safely ignore the error codacy is throwing here, since this method is a standin/noop for models who need to implement more advanced searches
2018-07-16 14:13:07 -07:00
Stephen c23955d0b5 Allow setting of "ldap_import" through the API (#5218)
* Allow setting of "ldap_import" through the API, this will allow cusom scripts to be made to import data from Active directory using the API, this would allow any field to be filled such as the manager (based on the ID), department etc.

* Password fix for LDAP through API
2018-04-20 14:02:52 -07:00
snipe 8a6713d5c0
WIP - Improved requested assets (#5289)
* WIP - beginning of improved requested assets

- Use Ajax tables for faster loading
- Use new notifications for requesting an asset

TODO:
- Use ajax tables for requestable asset models
- Use new notifications for canceling an asset request
- Expire requests once the asset has been checked out to the requesting user

* Only show asset name in email if it has one

* Refactor requested method to only include non-canceled requests

* Refactored requestable assets to log request and cancelation

* Added softdeletes on checkout requests

* Differentiate between canceling and deleting requests

* Added asset request cancelation notification

* Added timestamps and corrected unique key on requests table

* Improved requests view

* Re-use blade for cancel/request email

* Refactored BS table formatter for requested assets

* Location name min reduced to 2

* Added PAT test as maintenance option

This needs to be refactored into database-driven options with a UI

* Better slack message

* Added getImageUrl method for assets

* Include qty in request notifications

TODO:
- Try to pull requested info from original request for cancelation, otherwise it will default to 1

* Removed old asset request/cancel emails

* Added user profile asset request routes

* Added profile controller requested assets method

* Added blade link to requested assets for profile view

* Sort user history desc

* Added requested assets blade

* Added canceled at to checkoutRequest method

* Include qty in request

* Fixed comment, removed allowed_columns

* Removed Queable methods, since we don’t use a queue

* Fixed return type in method doc

* Fixed version number

* Changed id to user_id for clarity
2018-04-04 17:33:02 -07:00
snipe 46f5f21368
Notification improvements (#5254)
* Added “show fields in email” to custom fields

* Added “show images in email” to settings

* Added nicer HTML emails

* Break notifications out into their own, instead of trying to mash them all together

* Remove old notification for accessory checkout

* Janky fix for #5076 - “The asset you have attempted to accept was not checked out to you”

* Add method for image url for accessories

* Added accessory checkout email blade

* Make accessory email notification on checkout screen consistent with assets

* Added native consumables notifications

* Fixes for asset notification

* Updated notification blades with correct-er fields

* Updated notifications

* License checkin notification - does not work yet

Need to figure out whether the license seat is assigned to a person or an asset before we can pass the target

* Added alternate “cc” email for admins

* Only try to trigger notifications if the target is a user

* Fix tests

* Fixed consumable URL

* Removed unused notification

* Pass target type in params

* Show slack status

* Pass additional parameters

There is a logic bug in this :( Will send to slack twice, since the admin CC and the user are both using the same notification. Fuckity fuck fuck fuck.

* Pass a variable to the notification to supress the duplicate slack message

* Slack is broken :( Trying to fix

Will try a git bisect

* Put preview back into checkout

* Pulled old archaic mail

* Removed debugging

* Fixed wrong email title

* Fixed slack endpoint not firing

* Poobot, we hardly knew ye.

* Removed old, manual mail from API

* Typo :-/

* Code cleanup

* Use defined formatted date in JSON

* Use static properties for checkin/checkout notifiers for cleaner code

* Removed debugging

* Use date formatter

* Fixed target_type

* Fixed language in consumable email
2018-03-25 13:46:57 -07:00
snipe d05dfb18a7 Fixed #5150 - added lastname first initial as username format 2018-03-05 21:39:05 -08:00
Daniel Meltzer 7de8f71f58 Api tests (#5096)
* Use the formated date helper to clean up verifications.

* Add Checkin/Checkout api tests.

* Accessories api test

* Add Companies API Test.

* Return ModelNotFound as a 404.

* Cleanups/simplficiations/updates.

* Locations api test.

* currency and image should be fillable on location.

* Update components api test.

* Use findOrFail so we return a 404 instead of a 200.  Matches other item types.

* order_number should be fillable in component.

* Add updated_at and permissions to information returned from api for a user.

* Add users test and flesh out factory and fillable fields.

* Add test for assets method

* API status label test.

* Disable php7.2 for now on travis until the count(null) issues are remedied

* Add serial to update.

* API model not found should return a 200
2018-02-24 19:01:34 -08:00
snipe cbd8409611 Fixed #5067 - account for only one name in generateFormattedNameFromFullName 2018-02-22 14:10:58 -08:00
snipe 62edf14893 Refactored method to generate usernames from full names 2018-02-13 20:31:11 -08:00
Tim Bishop b346556caa Allow manager_id to be fillable. (#4882)
The API UsersController accepts manager_id, but calls the following:

$user->fill($request->all());

This results in manager_id being ignored. I can't see any problem with
allowing a user's manager to be modified using the API, so this change
allows it.
2018-01-22 13:12:02 -08:00
vcordes79 96a469db36 allow changing user activated field via api (#4843) 2018-01-17 05:38:10 -08:00
vcordes79 52a99faf68 fix phone number update in api (#4842) 2018-01-17 05:33:55 -08:00
snipe 6b257cc287 Concat search for full name 2017-12-12 12:52:10 -08:00
snipe 5ee6e7f94b Fixed #4613 - Added table prefix to user search DB raw 2017-12-11 22:31:07 -08:00
snipe 87ba042b2d Fixed manager name subquery on user search
Self-joins in Laravel make baby jesus cry :(
2017-11-03 14:47:31 -07:00
snipe 416455fe01 Fixes weird manager_id validation
This is a shit fix - need to find out what’s happening here.
2017-11-03 12:48:00 -07:00
snipe 121e158f39 Change method name from userloc to location
This needs to be changed in more places though
2017-10-31 05:22:57 -07:00
snipe 4eee7f8d97 Added address for users - fixes #4323 2017-10-30 18:57:00 -07:00
snipe 39c68214e9 More ajax menu fixes 2017-10-28 11:17:52 -07:00
Daniel Meltzer 3cea12565b Add missing policies (#4330)
* Add Authorizable trait and interface to our user model so we have access to User::can/User::cant.  We should take a look at where else our user model has diverged from Larvel since it was created...

* Policy cleanup/fixes.

This commit adds policies for the missing backend/"settings" areas.  The
permissions were implemented a while back but the policies did not, so
authorizing actions was failing.

In addition, this condenses a lot of code in the policies into base
classes.  Most of the files were identical except for table names, so we
move all of the checks into a base class and override the table name in
each policy.

* Use a better name and permission for the check in the default layout.
2017-10-27 18:01:11 -07:00
snipe 7d64ab3158 Fixes #4294 - pass correct group ID for group user listings 2017-10-24 04:39:47 -07:00
snipe fc644925ea Fixes #4291 - adds phone to user listing 2017-10-23 14:21:51 -07:00
snipe c069829b33 Fixes #906 - groups view 2017-10-17 21:43:57 -07:00
snipe 08f3e78d26 Merge branch 'checkout-to-location-v2' of https://github.com/dmeltzer/snipe-it into dmeltzer-checkout-to-location-v2
# Conflicts:
#	app/Http/Controllers/Api/UsersController.php
#	app/Http/Transformers/LocationsTransformer.php
#	resources/views/locations/view.blade.php
#	routes/api.php
#	tests/_data/dump.sql
2017-08-25 06:04:22 -07:00
snipe 9bda62d295 ADDED: Password rules for complexity, min length, rejecting common passwords 2017-08-22 20:32:39 -07:00
snipe df87c82ddc Fixes #3805 - add/update/delete methods for User API 2017-08-03 19:50:18 -07:00
snipe 0408509fdc Fixes #3777 - correct response for two_factor_actived for user API 2017-07-29 16:25:42 -07:00
Daniel Meltzer f432f98e12 Importer tests + Fixes (#3733)
* Fix Bug in User::generateFormattedNameFromFullName

In a name "John Doe", this method would split it into "John" and " Doe",
Leaving a space in the last name when importing to the database.  Strip
this space.

* Cleanup/fix some item mapping.

Also make some changes to the importer schema to allow for unit testing.
Generate a default item mapping, and then merge that with any custom
mappings.

* Beginning work on importer unit tests.

* Strip out testrun branches from importer.  It added a lot of complexity and was not terribly useful with web importer as it stood, might reconsider down the road however.

* Normalize the mapped keys when using custom field mappings.

* Add test for custom asset import mapping.

* Make all unit tests inherit from a new custom base.

This baseclass currently calls Artisan::migrate() and seeds a Settings
instance.  This fixes unit tests after the autoincrement bits.

* Store requestable as a boolean.  Fixes some import oddities

* Work on tests for accessory importer.

* Test for custom mapping of accessory import, also adjust the internal field for purchase date.

* Update default locale fallback for currency detection

* Fix Reassignable in consumable as well.

* More importer tests and fixes.
2017-07-11 20:37:02 -07:00
Daniel Meltzer 61c6160b98 Importer mapping - v1 (#3677)
* Move importer to an inline-template, allows for translations and easier passing of data from laravel to vue.

* Pull the modal out into a dedicated partial, move importer to views/importer.

* Add document of CSV->importer mappings.  Reorganize some code.

Progress.

* Add header_row and first_row to imports table, and process upon uploading a file

* Use an expandable table row instead of a modal for import processing.  This should allow for field mapping interaction easier.

* Fix import processing after moving method.

* Frontend importer mapping improvements.

Invert display so we show found columns and allow users to select an
importer field to map to.  Also implement sample data based on first row
of csv.

* Update select2.  Maintain selected items properly.

* Backend support for importing.  Only works on the web importer currently.  Definitely needs testing and polish.

* We no longer use vue-modal plugin.

* Add a column to track field mappings to the imports table.

* Cleanup/rename methods+refactor

* Save field mappings and import type when attempting an import, and repopulate these values when returning to the page.

* Update debugbar to fix a bug in the debugbar code.

* Fix asset tag detection.

Also rename findMatch to be a bit clearer as to what it does.
  Remove logging to file of imports for http imports because
it eats an incredible amouint of memory.

This commit also moves imports out of the hardware namespace and into
their own webcontroller and route prefix, remove dead code from
AssetController as a result.

* Dynamically limit options for select2 based on import type selected, and group them by item type.

* Add user importer.

Still need to implement emailing of passwords to new users, and probably
test a bit more.

This also bumps the memory limit for web imports up as well, I need to
profile memory usage here before too long.

* Query the db to find user matches rather than search the array.  Performance is much much better.

* Speed/memory improvements in importers.

Move to querying the db rather than maintaining an array for all
importers.  Also only store the id of items when we import, rather than
the full model.  It saves a decent amount of memory.

* Remove grouping of items in select2

With the values being set dynamically, the grouping is redundant.  It
also caused a regression with automatically guessing/matching field
names.  This is starting to get close.

* Remove debug line on every create.

* Switch migration to be text field instead of json field for compatibility with older mysql/mariadb

* Fix asset import regression matching email address.

* Rearrange travis order in attempt to fix null settings.

* Use auth::id instead of fetching it off the user.  Fixes a null object reference during seeding.
2017-06-21 16:37:37 -07:00
Daniel Meltzer f0d78091d2 Add a manager field to locations.
This is round one of the rethink of checkout-to-everything.  A location
now has a manager field, and the manager (by default) be responsible for
assets checked out to the location.
2017-06-12 18:23:50 -05:00
snipe aeca549bab Dept search in User query scopes 2017-05-23 02:49:27 -07:00
snipe 891660d4ea Fixes #3580 - reduce minimim username size to 1 2017-05-16 12:26:38 -07:00
snipe da66eecd74 Allow string as employee number 2017-03-10 20:57:57 -08:00
snipe 1751a8c0e0 Switched to presented for ugly BS table column headers 2017-02-03 22:20:11 -08:00
snipe d2f84a2329 Added some hidden fields 2017-01-13 00:12:26 -08:00
snipe b7bbc44052 Removed unneeded use statement 2017-01-10 23:21:47 -08:00
snipe 221cf1f9c8 Merge branch 'checkout-to-things-v1' of https://github.com/dmeltzer/snipe-it into dmeltzer-checkout-to-things-v1
# Conflicts:
#	app/Http/Controllers/AssetsController.php
#	app/Http/Controllers/ReportsController.php
#	app/Http/Controllers/UsersController.php
#	app/Presenters/AssetPresenter.php
2016-12-29 16:20:17 -08:00
snipe 51ceaedfaf Small phpcbf cleanup 2016-12-29 14:02:18 -08:00
Daniel Meltzer d262aec4c3 Save Progress. 2016-12-27 19:24:41 -05:00
Daniel Meltzer 61543f3a04 Add presenters for models. (#3098)
* Add presenters for models.  Move bootstrap table JSON generation to these presenters, which cleans up controllers a lot.  Move view specific modifications from the models to the presenters as well.

* Fix some issues found by travis and codacy

* Fix a few more issues found while testing.

* Attempt another acceptance test fix

* Try something else

* Maybe..
2016-12-23 17:52:00 -08:00
Daniel Meltzer cd8c585377 Discussion: Moving to policies for controller based authorization (#3080)
* Make delete routes work.  We put a little form in the modal that spoofs the delete field.

* Fix route on creating a user.

* Fix redundant id parameter.

* Port acceptance tests to new urls.

* Initial work on migrating to model based policies instead of global gates.  Will allow for much more detailed permissions bits in the future.

* This needs to stay for the dashboard checks.

* Add user states for permissions to build tests.

* Build up unit tests for gates/permissions.  Move accessories/consumables/assets to policies instead of in authserviceprovider

* Migrate various locations to new syntax.  Update test to be more specific

* Fix functional tests.

Add an artisan command for installing a settings setup on travis-ci

* Try a different id... Need to come up with a better way of passing the id for tests that need an existing one.

* Try to fix travis

* Update urls to use routes and not hardcode old paths.  Also fix some migration errors found along the way.:

* Add a environment for travis functional tests.

* Adjust config file to make travis use it.

* Use redirect()->route instead of redirect()-to

* Dump all failures in the output directory if travis fails.

* Cleanups and minor fixes.

* Adjust the supplier modelfactory to comply with new validation restrictions.

* Some test fixes.

* Locales can be longer than 5 characters according to faker... fex gez_ET.  Increase lenght in mysql and add a validation

* Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
snipe 25f60264bd Passport scaffolding 2016-12-14 10:06:05 -08:00
snipe 433adb1dcb Updated traits and method names for 5.3 2016-12-14 05:06:51 -08:00
snipe c47d391946 Feature - allow search on group names 2016-10-31 18:27:34 -07:00
snipe 3e701c6dd1 Fixes #2814 - adds job title to users listing display 2016-10-27 14:29:07 -07:00
Daniel Meltzer 2d8269ddcd Checkout Improvements, and initial support for requesting an asset model (#2573)
* Create a new action_log table to replace asset_log.  Use Polymorphism to generalize class and targets.  Port everything I can find to use it.  Add a migration to port the asset_logs table to action_logs.

* Initial work on requestable asset models

* Backend work for polymorphic requests table to store checkout requests.

* Add missing files

* Add a record to the db when requesting items.  Build up a testing route for interfacing with this.

* Users can now toggle requests of items on the request page.  Reformat page to use the same tab layout we use elsewhere

* Polymorphic request function.  Implement requesting of asset models.  Need to port mail/slack to notifications still.

* Implement requesting of asset models.  Build up emails and notifications to support it.  Allow specifying a quantity of model to request.

* Add view to show currently requested assets.  Needs some work and cleanup, but it isn't accessible from anywhere yet.
2016-09-15 19:58:27 -07:00
snipe aa0ccf11fa Only load the remote gravatar image if the server can talk to the outside world 2016-09-07 01:41:23 -07:00
Daniel Meltzer e86adccf19 Actionlog Class: Improvements and polymorphism (#2561)
* Save progress

* Create a new action_log table to replace asset_log.  Use Polymorphism to generalize class and targets.  Port everything I can find to use it.  Add a migration to port the asset_logs table to action_logs.

* Allow accepted_id to be nullable.

* Comment out the thread_id migration, because it b0rks on a new database with the move.  I'm unsure if the thread_id does anything...It doesn't seem to be used

* Clean up all old methods from Actionlog model.  Port everything to use new cleaner interface.

* Port the actionlog factory to fix travis.

* Adjust code to work on php5.  Also fix lurking adminlog call.

* Remove weird code

* Port the pave command.  Also fix dangling adminlog
2016-09-06 19:39:42 -07:00
snipe b450ef3534 Cast group permissions as array for older, wonky installs 2016-08-30 13:25:14 -07:00
snipe 4a9f3fd6ff Generate email method 2016-08-12 16:02:39 -07:00
snipe 39450c1fe9 Eager load throttle query 2016-08-02 01:23:53 -07:00
Daniel Meltzer eef8d1609e Small fixes (#2350)
* components.view should point to view, not create

* Fix comment

* Rename variable to accurately reflect its responsibility

* Fix line breaks in serial key, remove places where adding line breaks makes no sense.  Fixes #2344
2016-07-28 20:59:42 -07:00
snipe 16fe53928c Updated undeleted validation 2016-07-26 01:49:21 -07:00
snipe 2e665e128f Putting uniqueUndeleted into a trait for use across models 2016-07-26 01:39:30 -07:00
snipe a44b90dfc9 Custom validator for multiple deleted items with the same unique field 2016-07-26 00:44:26 -07:00
snipe 61108102d7 No longer require last name
I may regret this…
2016-07-21 19:44:07 -07:00
snipe 0cf563ae5b Show admin in maintenances 2016-06-22 17:04:47 -07:00
snipe 4ed8ff5576 Formatting fixes for coding standards 2016-06-22 12:27:41 -07:00
snipe 6a277a5391 Added inheritance back into users/groups 2016-06-15 20:45:45 -07:00
snipe 95f94c1cfb Fixed error when user has no permissions values 2016-06-02 17:16:22 -07:00
snipe 97691726f0 Updates to permissions decoding 2016-06-02 02:49:32 -07:00
Daniel Meltzer 1c1ef951e9 Fix a regression in Helper::usersList and ::managerList() where the "Select a User" option disappeared. Also format names the way they used to be formatted. 2016-06-01 13:47:46 -05:00