Brady Wetherington
70648dedd3
Add some guardrails around very-badly formatted APP_URL settings
2022-01-27 11:21:46 -08:00
snipe
c70ae19c28
Merge pull request #10529 from uberbrady/fix_insecure_host_headers
...
Force UrlGenerator's Root URL to be the base of APP_URL unless overriden (v5)
2022-01-26 16:59:55 -08:00
Ivan Nieto Vivanco
1fc71a4111
Add Zip field in the User Importer
2022-01-19 13:35:54 -06:00
Brady Wetherington
0c4768fd2a
Force UrlGenerator's Root URL to be the base of APP_URL unless overriden
...
(For v5)
2022-01-18 15:52:59 -08:00
Ivan Nieto Vivanco
a05795420a
Respect the default value of 60 days in expiring licenses
2022-01-18 14:34:14 -06:00
Ivan Nieto Vivanco
42d86bf57b
Adds default values if the expiring alerts threshold is null
2022-01-18 14:21:49 -06:00
Ivan Nieto Vivanco
f510b9c2a9
Add query to filter non-deprecable assets when the Depreciation Report is called
2022-01-15 14:21:31 -06:00
Ivan Nieto Vivanco
153c30eda8
Add to Importer the capacity to search Models only with Model Name since Model Number is not required
2022-01-15 04:32:47 -06:00
snipe
be7e6ed847
Merge pull request #10502 from uberbrady/ldap_useraccountcontrol_dont_req_preauth
...
Add new UserAccountControl to permitted UAC's for AD.
2022-01-13 17:01:47 -08:00
snipe
984db1ef44
Apply personal API token fix to master
...
Signed-off-by: snipe <snipe@snipe.net>
2022-01-13 01:39:56 -08:00
Brady Wetherington
c8fe929e09
Add new UserAccountControl to permitted UAC's for AD.
2022-01-12 12:07:51 -08:00
Haxatron
bb095641c2
Update BulkAssetModelsController.php
...
https://huntr.dev/bounties/efdf2ead-f9d1-4767-9f02-d11f762d15e7
2022-01-06 09:50:11 +08:00
snipe
884b6b0270
Fixes format property on invalid custom field object
...
Signed-off-by: snipe <snipe@snipe.net>
2022-01-03 19:14:50 -08:00
snipe
2ee84c2675
Added a few more comments
...
Signed-off-by: snipe <snipe@snipe.net>
2021-12-30 18:33:28 -08:00
snipe
c6ce928567
Added allow list to modal view options
...
Signed-off-by: snipe <snipe@snipe.net>
2021-12-30 18:16:49 -08:00
snipe
b4fac3e4ae
Fixed missing index for fieldsets
...
Signed-off-by: snipe <snipe@snipe.net>
2021-12-30 13:16:44 -08:00
snipe
bad6b862ca
assets_count doesnt exist as a column
...
Signed-off-by: snipe <snipe@snipe.net>
2021-12-30 12:59:16 -08:00
snipe
8588e9ebf1
Fixed #10469 - increased size of supplier address field
...
Signed-off-by: snipe <snipe@snipe.net>
2021-12-27 12:28:02 -08:00
Alex Janes
d0bfd8dfd2
Fixed the collection of the groups total to GroupsTransformer.php. Groups page should now paginate correctly.
2021-12-23 20:54:34 -05:00
snipe
9b2dd6522f
Switch GET to POST for asset request
...
Signed-off-by: snipe <snipe@snipe.net>
2021-12-16 20:36:08 -08:00
Bradley Coudriet
dbdc1c7f3f
Update SettingsController.php to save Slack Settings
...
This goes with #10438 that I just submitted about Slack Settings not saving.
This adds the necessary code to actually save the Slack Settings,
As they are already validated by the SlackSettingsRequest, this seems like an easy and low-impact fix.
2021-12-15 10:38:51 -05:00
Ivan Nieto Vivanco
c80aa2a289
Add title column to custom reports
2021-12-14 12:05:33 -06:00
snipe
25e2e7ecc6
Merge pull request #10418 from inietov/fixes/bulk_edit_count_more_users_than_selected
...
Fixes bulk edit message counts more users than the actual selected users number
2021-12-13 14:13:14 -08:00
snipe
9d5d1a9f9a
Added escape to assigned_to API response
...
Signed-off-by: snipe <snipe@snipe.net>
2021-12-13 12:03:03 -08:00
Ivan Nieto Vivanco
a419a690d4
Add a variable to better control the selected user's ids
2021-12-11 18:01:38 -06:00
Brady Wetherington
acfb41f129
Remove 'actionlog' from the ::with() clause in the asset query API
2021-12-10 18:42:56 -08:00
Haxatron
1699c09758
Update AssetModelsController.php
2021-12-09 21:42:18 +08:00
Haxatron
918e7c8dae
Fix access control - https://huntr.dev/bounties/19453ef1-4d77-4cff-b7e8-1bc8f3af0862/
2021-12-09 12:57:04 +08:00
snipe
86afe6c4b1
Cleanup slack validation
...
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 18:03:56 -08:00
snipe
ff97b359ad
Removed form request on ajax, cleaned up some other things
...
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 17:58:46 -08:00
snipe
81b66d0039
Change validation failure to 422 to make it consistent with Laravel's default
...
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 17:54:35 -08:00
snipe
8fa690b635
Reverting form request because it doesn't seem to work (????!!)
...
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 17:54:15 -08:00
snipe
8c1cd87831
Added slacksettingsrequest as use statement
...
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 15:56:22 -08:00
snipe
80d36cd72b
Added slack settings request
...
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 15:53:05 -08:00
snipe
ff81e6d536
Merge pull request #10361 from snipe/fixes/xss_in_accessories_checkout_notes
...
Escape notes in transformCheckedOutAccessory
2021-11-24 19:56:36 -08:00
snipe
00fad35c2a
Escape notes in transformCheckedOutAccessory
...
Signed-off-by: snipe <snipe@snipe.net>
2021-11-24 19:54:45 -08:00
snipe
3debe78574
Merge pull request #10350 from inietov/fixes/trim_custom_fields_names
...
Apply trim() function when storing Custom Fields names
2021-11-24 19:42:04 -08:00
snipe
830d07f84f
Removed escaping on input save for asset checkout on creation
...
Signed-off-by: snipe <snipe@snipe.net>
2021-11-24 19:19:32 -08:00
Ivan Nieto Vivanco
1ca770895a
Apply trim() function when storing Custom Fields names
2021-11-22 18:43:21 -06:00
snipe
f7b483358f
Escape custom field values in API response
...
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 20:32:59 -08:00
Brady Wetherington
3ea209a507
Escape asset_tag attribute at controller level for consumption in bulk checkout
2021-11-08 20:27:43 -08:00
snipe
76cc46c419
Merge pull request #9814 from 01ste02/importMinAmt
...
Improved Consumable Import: Import min_amt for consumables
2021-10-28 17:49:44 -07:00
snipe
2f9e5f79af
Merge pull request #10139 from FliegenKLATSCH/patch-1
...
API: Do not include deleted items per default on lookup by serial
2021-10-28 17:09:20 -07:00
snipe
17bf899a17
Set default_label to 0 instead of null in API
...
Signed-off-by: snipe <snipe@snipe.net>
2021-10-25 20:14:01 -07:00
snipe
8b1c60a17a
Make gates a little more consistent
...
Signed-off-by: snipe <snipe@snipe.net>
2021-10-25 15:34:22 -07:00
snipe
033c3253bb
Fixed permissions array to handle missing clone button
...
Signed-off-by: snipe <snipe@snipe.net>
2021-10-25 14:10:17 -07:00
FliegenKLATSCH
24c484303e
Do not include deleted assets by default when doing lookup by serial
...
This commit introduces a new query parameter `deleted`, which can be set to `true` to include deleted assets in the response.
2021-10-09 08:56:31 +02:00
snipe
5d94b99035
Switched to 5 in one minute
...
Signed-off-by: snipe <snipe@snipe.net>
2021-10-08 15:53:32 -07:00
snipe
0674ef5a3d
Fixed number to 1 (for minutes)
...
Signed-off-by: snipe <snipe@snipe.net>
2021-10-08 15:43:32 -07:00
snipe
702791210e
Throttle password reset requests to 5 every 60 seconds
...
Signed-off-by: snipe <snipe@snipe.net>
2021-10-08 14:26:30 -07:00