Commit graph

2913 commits

Author SHA1 Message Date
snipe d06e3dd892 Merge branch 'master' of https://github.com/snipe/snipe-it 2022-02-09 14:40:33 -08:00
snipe 6b25b53462
Merge pull request #10628 from inietov/fixes/default_values_dont_allow_checkbox_radio
Fixes #10299 Default Values do not allow Checkbox/Radio Buttons
2022-02-09 14:39:46 -08:00
Ivan Nieto Vivanco 6d79c9f3e2 Save the default values for custom fields with same format than Assets do for actual values 2022-02-09 13:41:33 -06:00
Ivan Nieto Vivanco a36957dd77 Finish the implementation of custom fields default values for checkboxes 2022-02-09 13:12:42 -06:00
Ivan Nieto Vivanco 2f3499e4b9 Show checkboxes a little less assy, actually save the data checked by them 2022-02-09 10:49:10 -06:00
Jonathon Reinhart 3536d08477 Add checkin_at parameter to /hardware/:id/checkin API
Fixes #10552
2022-02-08 20:23:09 -05:00
Brady Wetherington 9a66f6a254 Remove extraneous backslash 2022-02-08 12:09:40 -08:00
Brady Wetherington 5e94726ec1 Properly alert when invalid JSON is submitted to something that wants JSON 2022-02-08 12:05:05 -08:00
Ivan Nieto Vivanco 413e44be2f Add custom date to checkin actionlogs and show it in the history of the asset tab 2022-02-08 11:58:23 -06:00
Jonathon Reinhart cd963179fd Fix /hardware/{id}/checkin API response on error
Fixes #10629
2022-02-08 01:08:42 -05:00
snipe 474f24e40e Merge branch 'master' of https://github.com/snipe/snipe-it 2022-02-07 18:27:59 -08:00
snipe b3a0f86431 Temp fix for weird JSON format in history
Signed-off-by: snipe <snipe@snipe.net>
2022-02-07 18:27:55 -08:00
Brady Wetherington f1d4087317 Fix "secure hostnames" feature for subdirectory-based Snipe-IT installs 2022-02-07 11:26:54 -08:00
Brady Wetherington 36ae6f9430 Yanked debugging code, tightened up comments. 2022-02-03 19:41:16 -08:00
Brady Wetherington 1945b97b72 Just trying to really tighten up on the LDAP Active Flag and how we parse it. 2022-02-03 19:04:56 -08:00
Brady Wetherington 392e61688d Rework the LDAP sync command to better handle the active flag 2022-02-03 15:01:45 -08:00
snipe ac5c6123bc Fixes #10563 - LDAP active flag - hopefully?
Signed-off-by: snipe <snipe@snipe.net>
2022-02-02 18:07:34 -08:00
Ivan Nieto Vivanco eac8e0bdba Add a casting to a truthy/falsy that needs to be integer 2022-02-02 13:54:57 -06:00
Ivan Nieto Vivanco 2fec40d7df Adds actionlog for bulk edits 2022-02-01 00:00:12 -06:00
snipe aa3aa78204 Adds Lookup Asset by Custom Field via API [sc-18632]
Signed-off-by: snipe <snipe@snipe.net>
2022-01-28 09:08:48 -08:00
snipe db0a078c0b
Merge pull request #10573 from uberbrady/fix_force_root_url
Add some guardrails around very-badly formatted APP_URL settings
2022-01-27 11:29:29 -08:00
Brady Wetherington 1cf1278b3b Fix whitespace issues 2022-01-27 11:28:51 -08:00
Brady Wetherington 70648dedd3 Add some guardrails around very-badly formatted APP_URL settings 2022-01-27 11:21:46 -08:00
snipe 9634dde0dd
Merge pull request #10567 from inietov/fixes/importing_and_checking_out_licenses_master
Fixes Importing licenses without product key duplicates the license
2022-01-27 10:58:06 -08:00
snipe c70ae19c28
Merge pull request #10529 from uberbrady/fix_insecure_host_headers
Force UrlGenerator's Root URL to be the base of APP_URL unless overriden (v5)
2022-01-26 16:59:55 -08:00
Ivan Nieto Vivanco 55fdc86e02 Tweak query in the License Importer to not require a Product Key 2022-01-26 17:51:04 -06:00
Ivan Nieto Vivanco 1fc71a4111 Add Zip field in the User Importer 2022-01-19 13:35:54 -06:00
Brady Wetherington 0c4768fd2a Force UrlGenerator's Root URL to be the base of APP_URL unless overriden
(For v5)
2022-01-18 15:52:59 -08:00
Ivan Nieto Vivanco a05795420a Respect the default value of 60 days in expiring licenses 2022-01-18 14:34:14 -06:00
Ivan Nieto Vivanco 42d86bf57b Adds default values if the expiring alerts threshold is null 2022-01-18 14:21:49 -06:00
Ivan Nieto Vivanco f510b9c2a9 Add query to filter non-deprecable assets when the Depreciation Report is called 2022-01-15 14:21:31 -06:00
Ivan Nieto Vivanco 153c30eda8 Add to Importer the capacity to search Models only with Model Name since Model Number is not required 2022-01-15 04:32:47 -06:00
snipe be7e6ed847
Merge pull request #10502 from uberbrady/ldap_useraccountcontrol_dont_req_preauth
Add new UserAccountControl to permitted UAC's for AD.
2022-01-13 17:01:47 -08:00
snipe 984db1ef44 Apply personal API token fix to master
Signed-off-by: snipe <snipe@snipe.net>
2022-01-13 01:39:56 -08:00
Brady Wetherington c8fe929e09 Add new UserAccountControl to permitted UAC's for AD. 2022-01-12 12:07:51 -08:00
Haxatron bb095641c2
Update BulkAssetModelsController.php
https://huntr.dev/bounties/efdf2ead-f9d1-4767-9f02-d11f762d15e7
2022-01-06 09:50:11 +08:00
snipe 884b6b0270 Fixes format property on invalid custom field object
Signed-off-by: snipe <snipe@snipe.net>
2022-01-03 19:14:50 -08:00
snipe 2ee84c2675 Added a few more comments
Signed-off-by: snipe <snipe@snipe.net>
2021-12-30 18:33:28 -08:00
snipe c6ce928567 Added allow list to modal view options
Signed-off-by: snipe <snipe@snipe.net>
2021-12-30 18:16:49 -08:00
snipe b4fac3e4ae Fixed missing index for fieldsets
Signed-off-by: snipe <snipe@snipe.net>
2021-12-30 13:16:44 -08:00
snipe bad6b862ca assets_count doesnt exist as a column
Signed-off-by: snipe <snipe@snipe.net>
2021-12-30 12:59:16 -08:00
snipe 8588e9ebf1 Fixed #10469 - increased size of supplier address field
Signed-off-by: snipe <snipe@snipe.net>
2021-12-27 12:28:02 -08:00
Alex Janes d0bfd8dfd2 Fixed the collection of the groups total to GroupsTransformer.php. Groups page should now paginate correctly. 2021-12-23 20:54:34 -05:00
snipe 9b2dd6522f Switch GET to POST for asset request
Signed-off-by: snipe <snipe@snipe.net>
2021-12-16 20:36:08 -08:00
Bradley Coudriet dbdc1c7f3f
Update SettingsController.php to save Slack Settings
This goes with #10438 that I just submitted about Slack Settings not saving.

This adds the necessary code to actually save the Slack Settings,
As they are already validated by the SlackSettingsRequest, this seems like an easy and low-impact fix.
2021-12-15 10:38:51 -05:00
Ivan Nieto Vivanco c80aa2a289 Add title column to custom reports 2021-12-14 12:05:33 -06:00
snipe 25e2e7ecc6
Merge pull request #10418 from inietov/fixes/bulk_edit_count_more_users_than_selected
Fixes bulk edit message counts more users than the actual selected users number
2021-12-13 14:13:14 -08:00
snipe 9d5d1a9f9a Added escape to assigned_to API response
Signed-off-by: snipe <snipe@snipe.net>
2021-12-13 12:03:03 -08:00
Ivan Nieto Vivanco a419a690d4 Add a variable to better control the selected user's ids 2021-12-11 18:01:38 -06:00
Brady Wetherington acfb41f129 Remove 'actionlog' from the ::with() clause in the asset query API 2021-12-10 18:42:56 -08:00
Haxatron 1699c09758
Update AssetModelsController.php 2021-12-09 21:42:18 +08:00
Haxatron 918e7c8dae
Fix access control - https://huntr.dev/bounties/19453ef1-4d77-4cff-b7e8-1bc8f3af0862/ 2021-12-09 12:57:04 +08:00
snipe 86afe6c4b1 Cleanup slack validation
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 18:03:56 -08:00
snipe ff97b359ad Removed form request on ajax, cleaned up some other things
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 17:58:46 -08:00
snipe 81b66d0039 Change validation failure to 422 to make it consistent with Laravel's default
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 17:54:35 -08:00
snipe 8fa690b635 Reverting form request because it doesn't seem to work (????!!)
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 17:54:15 -08:00
snipe 8c1cd87831 Added slacksettingsrequest as use statement
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 15:56:22 -08:00
snipe 80d36cd72b Added slack settings request
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 15:53:05 -08:00
snipe ff81e6d536
Merge pull request #10361 from snipe/fixes/xss_in_accessories_checkout_notes
Escape notes in transformCheckedOutAccessory
2021-11-24 19:56:36 -08:00
snipe 00fad35c2a Escape notes in transformCheckedOutAccessory
Signed-off-by: snipe <snipe@snipe.net>
2021-11-24 19:54:45 -08:00
snipe 3debe78574
Merge pull request #10350 from inietov/fixes/trim_custom_fields_names
Apply trim() function when storing Custom Fields names
2021-11-24 19:42:04 -08:00
snipe 830d07f84f Removed escaping on input save for asset checkout on creation
Signed-off-by: snipe <snipe@snipe.net>
2021-11-24 19:19:32 -08:00
Ivan Nieto Vivanco 1ca770895a Apply trim() function when storing Custom Fields names 2021-11-22 18:43:21 -06:00
snipe f7b483358f Escape custom field values in API response
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 20:32:59 -08:00
Brady Wetherington 3ea209a507 Escape asset_tag attribute at controller level for consumption in bulk checkout 2021-11-08 20:27:43 -08:00
snipe 76cc46c419
Merge pull request #9814 from 01ste02/importMinAmt
Improved Consumable Import: Import min_amt for consumables
2021-10-28 17:49:44 -07:00
snipe 2f9e5f79af
Merge pull request #10139 from FliegenKLATSCH/patch-1
API: Do not include deleted items per default on lookup by serial
2021-10-28 17:09:20 -07:00
snipe 17bf899a17 Set default_label to 0 instead of null in API
Signed-off-by: snipe <snipe@snipe.net>
2021-10-25 20:14:01 -07:00
snipe 8b1c60a17a Make gates a little more consistent
Signed-off-by: snipe <snipe@snipe.net>
2021-10-25 15:34:22 -07:00
snipe 033c3253bb Fixed permissions array to handle missing clone button
Signed-off-by: snipe <snipe@snipe.net>
2021-10-25 14:10:17 -07:00
FliegenKLATSCH 24c484303e Do not include deleted assets by default when doing lookup by serial
This commit introduces a new query parameter `deleted`, which can be set to `true` to include deleted assets in the response.
2021-10-09 08:56:31 +02:00
snipe 5d94b99035 Switched to 5 in one minute
Signed-off-by: snipe <snipe@snipe.net>
2021-10-08 15:53:32 -07:00
snipe 0674ef5a3d Fixed number to 1 (for minutes)
Signed-off-by: snipe <snipe@snipe.net>
2021-10-08 15:43:32 -07:00
snipe 702791210e Throttle password reset requests to 5 every 60 seconds
Signed-off-by: snipe <snipe@snipe.net>
2021-10-08 14:26:30 -07:00
snipe 1c77fd0d09
Merge pull request #10178 from inietov/bug/sc-17520/symfony_component_debug_exception_fatalthrowableerror
Fixed typo when setting the headers
2021-10-08 12:04:45 -07:00
Ivan Nieto Vivanco d184da8611 Fixed typo (thanks @ssddanbrown) 2021-10-08 13:39:49 -05:00
snipe ccd430ce07 Switched back down to debug level
Signed-off-by: snipe <snipe@snipe.net>
2021-10-06 12:38:21 -07:00
snipe f306401e7e Fixed SVG XSS vuln
Signed-off-by: snipe <snipe@snipe.net>
2021-10-06 12:26:45 -07:00
snipe c06a93ef13 Removed extra brace in assets for components
Signed-off-by: snipe <snipe@snipe.net>
2021-10-06 10:38:13 -07:00
Ivan Nieto Vivanco ef6eea67d8 Set headers in a different manner in the middleware 2021-10-05 14:09:35 -05:00
snipe 34eab88b7e Removed debugging
Signed-off-by: snipe <snipe@snipe.net>
2021-10-04 20:25:31 -07:00
snipe b20c841a89 Fixed asset models restore
Signed-off-by: snipe <snipe@snipe.net>
2021-10-04 19:29:13 -07:00
snipe 52caee2a9f Handle checking and unchecking for bulk actions
Signed-off-by: snipe <snipe@snipe.net>
2021-10-04 17:18:26 -07:00
snipe 52ea172e5d Fix ID array
Signed-off-by: snipe <snipe@snipe.net>
2021-10-04 17:18:07 -07:00
snipe 9b48732cd2 Force revalidation headers when user logs out
Signed-off-by: snipe <snipe@snipe.net>
2021-10-04 12:52:48 -07:00
snipe daa88f06f7 Added pivot to components JSON
Signed-off-by: snipe <snipe@snipe.net>
2021-09-30 15:51:08 -07:00
snipe d0acb9fdb4 Applies PR #10150 to master
Signed-off-by: snipe <snipe@snipe.net>
2021-09-30 15:33:00 -07:00
Brady Wetherington ae466be153 Fix license output, tweak CleanFloat function to handle numbers over 1 million 2021-09-28 19:10:25 -07:00
Brady Wetherington f3338667c7 Create new ParseCurrency helper and use it in the appropriate controllers 2021-09-28 18:20:39 -07:00
Brady Wetherington f380da3f19 Try to ensure all currency output is formatted correctly. 2021-09-28 16:45:47 -07:00
snipe 2f9582ee5c Switched to loadMissing for performance
Signed-off-by: snipe <snipe@snipe.net>
2021-09-23 17:31:19 -07:00
snipe 3b7ce0091c Load components in the assets API if components=true in API request
Signed-off-by: snipe <snipe@snipe.net>
2021-09-23 17:23:53 -07:00
snipe 6e270c0ed2 Include created_at in pivot
Signed-off-by: snipe <snipe@snipe.net>
2021-09-23 17:23:17 -07:00
snipe 3862b6476b
Merge pull request #10122 from inietov/fixes/api_issue_when_component_checkout
Fixes API Issue when checking out a component
2021-09-23 13:21:48 -07:00
Ivan Nieto Vivanco 7dfab3a6e2 Change the condition to 'bigger or equal' instead of just 'bigger than' in ComponentsController checkout api 2021-09-23 15:02:39 -05:00
snipe a6b3aa5f04 Don't try to delete the file if there is no log entry
Signed-off-by: snipe <snipe@snipe.net>
2021-09-22 19:04:25 -07:00
snipe b4a90045e6 Added totals to depreciation report footer
Signed-off-by: snipe <snipe@snipe.net>
2021-09-21 21:52:18 -07:00
snipe 0763c76a4e Fixed scoping with leftjoin
Signed-off-by: snipe <snipe@snipe.net>
2021-09-21 20:54:24 -07:00
snipe 5d32c17a2e Removed comments
Signed-off-by: snipe <snipe@snipe.net>
2021-09-21 20:01:36 -07:00
snipe 10ca7cffc3 Fixes for query scoping, ordering, and nicer readability
Signed-off-by: snipe <snipe@snipe.net>
2021-09-21 19:59:23 -07:00