Commit graph

263 commits

Author SHA1 Message Date
snipe f6ef139111 Fixed baseUrl is undefined error
I literally cannot figure out how this ever worked before.
2019-05-23 16:56:22 -07:00
snipe 407445456a Merge branch 'features/6204_email_audit-alerts' into develop
# Conflicts:
#	app/Console/Commands/LdapSync.php
#	app/Console/Kernel.php
#	app/Http/Controllers/Auth/LoginController.php
#	app/Http/Controllers/LicensesController.php
#	composer.json
#	composer.lock
#	config/version.php
#	resources/views/auth/two_factor_enroll.blade.php
2019-05-06 08:45:13 -04:00
snipe e5c2d77c7d
Fixes #6204 - added email alerts and web/API access to assets due for audits (#6992)
* Added upcoming audit report

TODO: Fid diff/threshold math

* Added route to list overdue / upcoming assets via API

* Controller/API methods for due/overdue audits

We could probably skip this and just handle it via view in the routes…

* Added query scopes for due and overdue audits

* Added audit due console command to kernel

* Added ability to pass audit specs to main API asset search method

* Added audit presenter

* Added bootstrap-tables presenter formatter to display an audit button

* Added gated sidenav items to left nav

* Added audit due/overdue blades

* Cleanup on audit due/overdue console command

* Added language strings for audit views

* Fixed :threshold placeholder

* Removed unused setting variable

* Fixed next audit date math

* Added scope for both overdue and upcoming

* Derp. Wrong version

* Bumped version

(I will release this version officially tomorrow)
2019-05-05 22:32:52 -04:00
snipe e9b9301efb Added language strings for audit views 2019-05-05 19:35:20 -04:00
snipe 69614a7db4 Added gated sidenav items to left nav 2019-05-05 19:21:26 -04:00
snipe bca82684a1 Merge branch 'hotfixes/2fa_qr' into develop
# Conflicts:
#	.all-contributorsrc
#	Dockerfile
#	README.md
#	app/Console/Commands/LdapSync.php
#	app/Http/Controllers/Api/ImportController.php
#	app/Http/Controllers/AssetModelsController.php
#	app/Http/Controllers/Assets/AssetsController.php
#	app/Http/Controllers/Auth/LoginController.php
#	app/Http/Controllers/CategoriesController.php
#	app/Http/Controllers/CompaniesController.php
#	app/Http/Controllers/DepartmentsController.php
#	app/Http/Controllers/ImportsController.php
#	app/Http/Controllers/LocationsController.php
#	app/Http/Controllers/ManufacturersController.php
#	app/Http/Controllers/SuppliersController.php
#	app/Http/Requests/ItemImportRequest.php
#	app/Http/Transformers/ActionlogsTransformer.php
#	composer.json
#	composer.lock
#	config/app.php
#	config/version.php
#	docker/startup.sh
#	public/css/build/all.css
#	public/css/dist/all.css
#	public/js/build/all.js
#	public/js/build/vue.js
#	public/js/build/vue.js.map
#	public/js/dist/all.js
#	public/mix-manifest.json
2019-03-20 02:17:02 -07:00
snipe 7b33f95e83
Fixes/import permissions mask (#6826)
* Check for empty headers in import

* Added import permission

* Fixed model path in docblock

* Added import gate to default blade

* Check if the user is an admin OR idf they have import permissions

* Walked back that admin permission

Since admins are bound by full company support, it makes less sense to let admins have this permission by default, versus having them specifically designated to the import permission
2019-03-18 11:58:08 -07:00
snipe 7e8d337ed5 Moved kit icon 2019-03-08 16:49:05 -08:00
snipe 61afdeac2e Merge branch 'develop' of https://github.com/VELIKII-DIVAN/snipe-it into VELIKII-DIVAN-develop 2019-03-08 16:18:48 -08:00
Dmitrii Minaev 5f3a0bdea5 app\Services\PredefinedKitService.php rename to app\Services\PredefinedKitCheckoutService.php
add accessories and consumables tables
add selectlist api to:
 app\Http\Controllers\Api\AccessoriesController.php
 app\Http\Controllers\Api\ConsumablesController.php
 app\Http\Controllers\Api\LicensesController.php
templates for selectlist
apply kit to user works
2019-02-19 22:19:00 +03:00
snipe 2768ea692e Removed extraneous js call 2019-02-13 04:24:37 -08:00
snipe 35e60fd151 Updated languages 2019-02-13 03:56:18 -08:00
herroworrd 3f7d2aebc7 Fixed #6634: Asset Import History fixes and optimizations (#6657)
* Starting work on asset history importer.

* Starting work on asset history importer.

* Added checkin target.

* Last change... importing history should also probably be an admin only task.

* Added caching for user and asset queries.

* Updated cache keepalive time to DateTimeInterface

* Updated cache keepalive time to DateTimeInterface
2019-02-08 16:05:56 -08:00
snipe 09c4dd4891 Added ability to upload favicon and email logo
todo: refactor the image upload/resize for less copypasta
2018-12-05 19:56:12 -08:00
Wes Hulette 465b69516d Fixed: #6259 - Remove remote JS/CSS file loading (#6330)
* Fixed missing oauth tables during setup.

* Remove remote JS/CSS file loading


Updated gravatar to return to default image

* Updated default avatar path to user url

Removed local html5shim & response js files.
Removed copying html5shim & respond js file to public directory
2018-10-17 12:52:01 -07:00
Wes Hulette 19ee62f704 Fixed: Missing JS file import (#6320)
* Fixed missing oauth tables during setup.

* Fixed missing JS import
2018-10-11 13:51:37 -07:00
Wes Hulette d715ecf41d Fixed: Tooltips (#6309)
* Fixed missing oauth tables during setup.

* Fixed missing tooltips

Updated spelling in bootstrap-table.blade.php to use bootstrap data element. 
Using custom jquery-ui without tooltips to fix conflict issue.

* Removed custom jQuery ui file added fix in bootstrap.js file
2018-10-09 15:20:27 -07:00
Wes Hulette 6818901f7d Fixed: Admin LTE left menu bar not working (#6308)
* Fixed missing oauth tables during setup.

* Updated per AdminLTE upgrade guide.
2018-10-09 15:20:12 -07:00
snipe ade9a0c995 Removed server-side validation right now
Getting an unexpected keyword ‘export’ error. I’ll come back to this.
2018-10-05 03:47:58 -07:00
snipe 8e90ed00d8 Added alt tags to logo 2018-10-05 03:43:16 -07:00
snipe 81d8c1cc52 Fixed remove-asset-tag javascript on asset edit, added server side validation support 2018-10-05 02:51:14 -07:00
snipe 4920dced6e Enabled toggleDisabled on form validator 2018-10-05 01:12:14 -07:00
snipe 6f71abd0e0 Fixed improper html nesting 2018-10-05 00:45:58 -07:00
snipe c1b0b8dee2 Move validator to main layout 2018-10-05 00:45:45 -07:00
snipe 6489081cd6 Pass variable to edit-form to determine whether we should have a top submit button
This is just so very short forms don’t look too silly
2018-10-04 21:19:25 -07:00
snipe 408f9978e9 More help text updates 2018-10-04 21:14:45 -07:00
snipe db765e4a0b Reformatted help popover 2018-10-04 20:51:50 -07:00
snipe 3843764d15 Added save button at top of form as well 2018-10-04 20:24:53 -07:00
snipe 90b8acdd3b Merge branch 'V5_cleanup_js' of https://github.com/jwhulette/snipe-it into jwhulette-V5_cleanup_js
# Conflicts:
#	public/mix-manifest.json
2018-10-03 00:56:09 -07:00
Wes Hulette 1742867df1 Removed inline signature.css
Added to webpack
2018-10-01 08:20:31 -04:00
Wes Hulette ce0a40a20c Merge branch 'develop' into JS_Cleanup 2018-10-01 08:07:07 -04:00
snipe 79367642b1
[WIP] Added #5957 - Flysystem support (#6262)
* Added AWS url to example env

* Upgrader - added check for new storage path and attempt to move

* Ignore symlink

* Updated paths for models

* Moved copy methods

* Added AWS_URL support

For some reasin, Flysystem was generating the wrong AWS url (with a region included)

* Switch to Flysystem for image uploads

* Nicer display of image preview

* Updated image preview on edit blades to use Flysystem

* Twiddled some more paths

* Working filesystems config

* Updated Asset Models and Departments to use Flysystem

* Janky workaround for differing S3/local urls/paths

* Try to smartly use S3 as public disk if S3 is configured

* Use public disk Storage options for public files

* Additional transformer edits for Flysystem

* Removed debugging

* Added missing use Storage directive

* Updated seeders to use Flysystem

* Default logo

* Set a default width

We can potentially override this in settings later

* Use Flysystem for logo upload

* Update downloadFile to use Flysystem

* Updated AssetFilesController to use Flysystem

* Updated acceptance signatures to use Flysystem

* Updated signature view to use Flysystem

This isn’t working 100% yet

* Use Flysystem facade for displaying asset image

* Set assets path

Should clean all these up when we’re done here

* Added Rackspace support for Flysystem

* Added Flysystem migrator console command

* Added use Storage directive for categories

* Added user avatars to Flysystem

* Added profile avatar to Flysystem

* Added the option to delete local files with the migrator

* Added a check to prevent people from trying to move from local to local

* Fixed the selectlists for Flysystem

* Fixed the getImageUrl method to reflect Flysystem

* Fixed AWS copy process

* Fixed models path

* More selectlist updates for Flysystem

* Updated example .envs with updated env variable names

* *sigh*

* Updated non-asset getImageUrl() methods to use Flysystem

* Removed S3 hardcoding

* Use Flysystem in email headers

* Fixed typo

* Removed camera support from asset file upload

We’ll find a way to add this in later (and add that support to all of the other image uploads as well)

* Fixed path for categories

* WIP - Switched to standard handleImages for asset upload.

This is currently broken as I refact the handleImages method. Because the assets store/create methods use their own Form Request, the handleImages method doesn’t exist in that Form Request so it wil error now.

* Fixed css URL error

* Updated Debugbar to latest version (#6265)

v3.2 adds support for Laravel 5.7

* Fixed: Missing CSS file in basic.blade.php (#6264)

* Fixed missing CSS file in basic.blade.php

* Added

* Changed stylesheet import for authorize.blade.php

* Updated composer lock

* Added AWS_BUCKET_ROOT as env variable

* Use nicer image preview for logo upload

* Removed AssetRequest form request

* Removed asset form request, moved custom field validation into model

* Added additional help text for logo upload

* Increased the size of the image resize - should make this a setting tho

* Few more formatting tweaks to logo section of branding blade preview

* Use Flysystem for asset/license file uploads

* Use Flysystem for removing images from models that have been deleted

* Enable backups to use Flysystem

This only handles part of the problem. This just makes it so we can ship files to S3 if we want, but does not account for how we backup files that are hosted on S3

* Use Flysystem to download license files

* Updated audits to use Flysystem
2018-09-29 21:33:52 -07:00
Wes Hulette fc8096f8dc Fixed: Missing CSS file in basic.blade.php (#6264)
* Fixed missing CSS file in basic.blade.php

* Added

* Changed stylesheet import for authorize.blade.php
2018-09-29 14:15:25 -07:00
snipe 153a711de4 Fixed css URL error 2018-09-28 23:18:16 -07:00
Wes Hulette c090a2f0b6 Fixed script imports in setup.blade.php 2018-09-28 17:28:49 -04:00
Wes Hulette 11f128a84f Moved chart.js library into vendor.js 2018-09-28 17:28:49 -04:00
Wes Hulette b84eb836f4 Cleaned up JS
Removed unnecessary JS files
Moved JS to app & vendor, so neither file is so large, plus they can be downloaded concurrently.
2018-09-28 17:27:06 -04:00
Wes Hulette ecf77e60df Added: #6246 - CSS Cleanup (#6247)
* Streamlined CSS by using NPM

Removed unnecessary CSS files
Merged CSS files into one file

* Streamlined CSS by using NPM

Removed unnecessary CSS files
Merged CSS files into one file

* Removed override.less

* Moved bootstrap-color-picker css to file

Removed inline calls

* Changed css import on setup.blade.php

* Updated signature-pad.css import

* NPM Prod compile

* Fixed font family loading issue.
2018-09-28 14:09:48 -07:00
Brady Wetherington c97db3259f
Merge pull request #5913 from tilldeeke/refactore-checkout-checkin-notification-sending
Refactor: Decouple checkin/checkout notifications from logging
2018-09-21 18:18:27 -07:00
snipe e89b33f865 Enable popovers 2018-09-07 05:09:24 -07:00
Wes Hulette bfb5920677 Added #5956 - Moved bootstrap-tables to npm (#6139)
Created single bootstrap-tables js and css file.
2018-08-28 13:10:27 -07:00
snipe 0b8d70c7ec Fixed #6124 2018-08-23 21:06:04 -07:00
snipe 522dc1db2a Fixed #6124 2018-08-23 21:05:10 -07:00
Till Deeke 8648d53d25 Adds checkout acceptances
A checkout acceptance gets generated for every item that needs to be checked out. This resource tracks the user user who can accept the item and their signature
2018-08-06 14:47:26 +02:00
snipe b267b34762 Make sure there is a settings value 2018-07-25 19:02:35 -07:00
snipe 708b1a962c Split out custom_css from custom_header
This makes it so that the custom_css will still be respected even if there is no custom header
2018-07-25 19:01:47 -07:00
snipe a5daee811b Split out custom_css from custom_header color 2018-07-25 19:00:03 -07:00
Till Deeke 27699aa99c Adds permission checks for custom fields and custom fieldsets (#5645) (#5795)
* adds permission checks to custom fields

* adds permission checks to custom fieldsets

* adds separate permissions for custom fieldsets

* check for permissions in views

* Removes custom fieldsets from permissions config

* Proxy the authorization for custom fieldsets down to custom fields.

This allows us to use the existing permissions in use and have more semantically correct authorization checks for custom fieldsets.

* simplifies the authorization check for the custom fields overview

* removes special handling of custom fieldsets in base policy

I just realised that this code duplicates the logic from the custom fieldset policy.
Since we are checking for the authorization of custom fields anyway, we can just use the columnName for the fields.

* cleanup of unused imports
2018-07-12 18:28:20 -07:00
snipe 8732f299e6 Added logo class for logo override in custom CSS 2018-07-02 18:47:30 -07:00
Arunas Skirius b30aac536a fixed the alignment of a couple navbar icons (#5764) 2018-07-02 18:10:25 -07:00
Djamon Staal 32e3f748d8 Make version footer configurable. (#5730) 2018-06-21 07:12:16 -07:00
snipe 04709dc1df Fixed #5477 - added GDPR privacy policy link in email and webpage 2018-05-08 00:50:13 -07:00
snipe 8a6713d5c0
WIP - Improved requested assets (#5289)
* WIP - beginning of improved requested assets

- Use Ajax tables for faster loading
- Use new notifications for requesting an asset

TODO:
- Use ajax tables for requestable asset models
- Use new notifications for canceling an asset request
- Expire requests once the asset has been checked out to the requesting user

* Only show asset name in email if it has one

* Refactor requested method to only include non-canceled requests

* Refactored requestable assets to log request and cancelation

* Added softdeletes on checkout requests

* Differentiate between canceling and deleting requests

* Added asset request cancelation notification

* Added timestamps and corrected unique key on requests table

* Improved requests view

* Re-use blade for cancel/request email

* Refactored BS table formatter for requested assets

* Location name min reduced to 2

* Added PAT test as maintenance option

This needs to be refactored into database-driven options with a UI

* Better slack message

* Added getImageUrl method for assets

* Include qty in request notifications

TODO:
- Try to pull requested info from original request for cancelation, otherwise it will default to 1

* Removed old asset request/cancel emails

* Added user profile asset request routes

* Added profile controller requested assets method

* Added blade link to requested assets for profile view

* Sort user history desc

* Added requested assets blade

* Added canceled at to checkoutRequest method

* Include qty in request

* Fixed comment, removed allowed_columns

* Removed Queable methods, since we don’t use a queue

* Fixed return type in method doc

* Fixed version number

* Changed id to user_id for clarity
2018-04-04 17:33:02 -07:00
snipe c4db8d37c2 Fixed #5168 - users without superadmin could not see custom fields UI even if granted 2018-03-07 13:37:37 -08:00
snipe 31790e0bb7 Tweaks to theme settings 2018-03-02 18:01:36 -08:00
snipe f171357e36 Removed unused skin files, added skin setting option 2018-03-02 17:50:40 -08:00
snipe 1c28f893e7 Fixed #5027 - remove link to non-existant reports page 2018-02-20 14:44:29 -08:00
snipe d8fc50c351 Fixed #5033 - use PHP’s max filesize for image uploads 2018-02-16 21:17:41 -08:00
snipe 765295136a Added - ability to add custom footer text, hide user’s manual/support links 2018-01-24 07:02:30 -08:00
snipe 24b356dba4 Fixed typos in default blade that cause components to not show up for non-superadmins 2018-01-17 06:27:23 -08:00
snipe 4ce91a4f5d Fixed namespace gate for components - related to #4282 2017-12-12 06:26:37 -08:00
snipe d91e8bfee5 Fixed select2 on setup 2017-12-12 02:31:36 -08:00
snipe 71b9a15c9c Moved User menu down 2017-12-01 17:50:01 -08:00
snipe f4aa812d96 Changed twitter handle to @snipeitapp 2017-11-21 19:02:15 -08:00
snipe edcd3afc3e Fixes #4457 - use un-escaped CSS for custom CSS styles
We are already escaping the CSS in the show_custom_css() method
2017-11-15 14:27:21 -08:00
madd15 59c9c22a59 Small UI Changes (#4404)
* Small ui change to settings nav

* Remove min-height

Removed min-height from Assets by Status

* Add min-height to box-body
2017-11-08 13:12:03 -08:00
snipe 35ee52212f Added ability to disable the alert icon in the top menu 2017-11-08 03:08:17 -08:00
snipe 0589652edb Fixed #4392 - select2 + fastclick incompatibility
This is a workaround fix - should upgrade both to latest after testing extensively
2017-11-06 17:17:48 -08:00
snipe 15d4344efb Comments in the JS 2017-11-04 00:15:23 -07:00
snipe 27875c2dac Improved to use trans() facade instead of lang 2017-11-02 10:27:53 -07:00
snipe a9e5ad0df1 Added link to requested assets in sidenav 2017-11-02 03:12:12 -07:00
Daniel Meltzer 3cea12565b Add missing policies (#4330)
* Add Authorizable trait and interface to our user model so we have access to User::can/User::cant.  We should take a look at where else our user model has diverged from Larvel since it was created...

* Policy cleanup/fixes.

This commit adds policies for the missing backend/"settings" areas.  The
permissions were implemented a while back but the policies did not, so
authorizing actions was failing.

In addition, this condenses a lot of code in the policies into base
classes.  Most of the files were identical except for table names, so we
move all of the checks into a base class and override the table name in
each policy.

* Use a better name and permission for the check in the default layout.
2017-10-27 18:01:11 -07:00
snipe 82690e1fd7 Integrate ajax select2 menus in all asset checkouts 2017-10-26 02:28:17 -07:00
snipe d4bb4d2edd Added state-save for open/cloed sidenav 2017-10-25 20:10:41 -07:00
snipe 687cf44d3d Use inline style for logo 2017-10-25 16:15:50 -07:00
snipe 17d58d9cc5 Added snazzy rich user selection menu
TODO:
- Abstract this out so it can be used by other select2 menus
- Write a select2 transformer to standardize output
2017-10-24 19:24:35 -07:00
snipe 4628c15813 Fixed typo in comments 2017-10-24 16:57:04 -07:00
Nicolai Essig abcce78944 use translation for "All" in sidebar menu (#4268) 2017-10-20 00:20:33 -07:00
Robin Temme 068308ef56 Change changepassword menu icon to fixed width (#4262) 2017-10-19 06:04:02 -07:00
Nicolai Essig 1e65c7bf9a load custom css also on login page (#4260) 2017-10-19 06:01:41 -07:00
madd15 e2bac62e36 Fix #4205 (#4213)
* Fixing various UI items

* Revert css change

* Dashboard icon CSS up 4px
2017-10-14 00:14:22 -07:00
snipe 3f44987799 Small logo size tweaks 2017-10-03 14:15:03 -07:00
snipe b4fec068d0 Use asset url for favicon on login blade 2017-10-03 13:44:50 -07:00
snipe aab635154a Default to turning CSP off until we can fix vue/CSP issues 2017-10-02 13:29:14 -07:00
Daniel Meltzer c2616412c0 Add laravel routes to javascript (#4092)
* Add laravel routes to javascript

This will clean up a lot of passing of urls.  Adds a route() helper and
everything...

This commit also moves the customfield fetching to only be fetched once
and shared with each file, rather than once for each file.

* Try to fix travis unit test things.

* Downgrade doctrine/inflector for php5

* Attempt to occasional seeder issues on travis if the asset does not generate validatable data.

* Update sql dump for functional tests.

* Try to fix api tests.
2017-10-01 12:59:55 -07:00
snipe 2ea91266c0 Init lightbox 2017-09-29 14:26:00 -07:00
snipe 5223ec1dbb Clearer status listing in the sidenav 2017-09-29 12:13:15 -07:00
snipe b9e79c27a8 Added nonce to basic blade 2017-09-29 05:49:26 -07:00
snipe b8ed6a53b6 For #3998 - Added nonce to all.js 2017-09-29 04:53:24 -07:00
snipe 46d87849f4 Added content security middleware 2017-09-28 19:45:15 -07:00
snipe 507f1f196c Added integrity hashes 2017-09-28 18:46:16 -07:00
snipe 7fded367c4 Adds rel="noopener" to footer links 2017-09-28 16:03:36 -07:00
snipe 0a0661bf41 Additional fixes for #3995 in atypical blades 2017-09-25 15:41:02 -07:00
snipe 6ee939d29b Allegedly fixes #3995 - subdirectory issues with JS/CSS 2017-09-25 15:39:18 -07:00
snipe e7d72beb88 Also check for $snipeSettings in the first place
Since the preflight also uses this basic blade
2017-09-12 13:08:43 -07:00
snipe 01e3f4a4db Use site name if provided in the settings table for basic template 2017-09-12 13:01:51 -07:00
Daniel Meltzer 987536930c Assorted fixes (#3923)
* Fix some n+1 problems

* Use route in notification dropdown to make sure we link to correct page

* Work on better UI support for checkout to non-user.  Fix links on index bootstrap table, work towards eliminating assignedUser

* Remove Asset::assigneduser() relationship.  Instead add a checkedOutToUser() method and/or port to using assignedTo()

* Adjust string to fit new reality

* Fix #3780.  Move the consumables getDataView method to the ApiController.  Not entirely RESTful, but it's a weird method that probably doesn't need its own controller and the functionality would be strange to stack on the userscontroller...

* Fix file uploads to assets and restore the delete route.

* Add asset maintence edit action to index.

* Suppliers asset list should link to the related asset, not to the supplier with same ID.

* Asset models page should use polymorphic formatter on assigned to to better handle assorted item types.

* Comment out more assigneduser fallacy until we figure out the query builder approach to searching for location text.
2017-09-05 17:54:58 -07:00
snipe 22233e3ba6 Bulk asset audit form (needs more testing) 2017-08-29 16:00:22 -07:00
snipe 42175782a5 Only pull logo if there is a value 2017-08-26 17:43:00 -07:00
snipe af6f208c43 Reordered settings nav 2017-08-25 10:03:05 -07:00