snipe
a7dc6162fa
Simplify password attempts rate limiting
...
Signed-off-by: snipe <snipe@snipe.net>
2022-06-22 09:11:24 -07:00
snipe
ebd3c11129
Added singleton
...
Signed-off-by: snipe <snipe@snipe.net>
2022-05-19 17:55:59 -07:00
Brady Wetherington
6756dd193e
SCIM integration using the 're-do-the routes' approach, which seems like a dead-end
...
Cleaning up routes to match laravel-scim-server's recommended implementation
Some actually *working* changes for SCIM support?!
Whoops, forgot my route file
Fix public SCIM routes
Removed Ziggy, removed old generated file, yanked Ziggy references
Resolves the first set of comments for SCIM
Ensure all /api routes have baseUrl prepended
Fix the parent:: call to be, uh, actually correct :P
Clarify the route-ordering, as it is quite tricky
This gets it so that users can actually be saved..
Work around the lack of callbacks with some inheritance
Mapped a bunch more fields from SCIM into Snipe-IT's user table
More baseUrl shenanigans since we yanked Ziggy :/
Properly map job title and work with some other necessary attributes
Map more fields...
Finalized basic mapping for core and enterprise namespaces
Latest tuned settings for SCIM config to work with Azure (and others)
2022-04-05 20:26:37 +01:00
snipe
b876d0abb0
Merge remote-tracking branch 'origin/master' into develop
...
Signed-off-by: snipe <snipe@snipe.net>
# Conflicts:
# .env.example
# app/Http/Controllers/Auth/LoginController.php
# app/Http/Kernel.php
# app/Http/Transformers/ActionlogsTransformer.php
# app/Importer/AssetImporter.php
# app/Models/Accessory.php
# app/Models/Consumable.php
# app/Presenters/AccessoryPresenter.php
# app/Presenters/ComponentPresenter.php
# app/Presenters/ConsumablePresenter.php
# app/Providers/AuthServiceProvider.php
# composer.json
# composer.lock
# config/app.php
# config/cors.php
# config/version.php
# package-lock.json
# public/js/build/app.js
# public/js/build/app.js.LICENSE.txt
# public/js/dist/all.js
# public/mix-manifest.json
# resources/views/accessories/view.blade.php
# resources/views/consumables/view.blade.php
# resources/views/settings/saml.blade.php
# routes/api.php
2022-03-03 21:59:38 -08:00
snipe
2eef43e8bf
Applies develop fix to master for location drop downs
2022-03-01 12:43:35 -08:00
Andrew Roth
2e60420aeb
Fix for location and model drop down with granular permissions.
2022-02-28 17:38:38 -05:00
snipe
dd5f812d88
Merge remote-tracking branch 'origin/master' into develop
...
Signed-off-by: snipe <snipe@snipe.net>
# Conflicts:
# .all-contributorsrc
# README.md
# app/Console/Commands/FixDoubleEscape.php
# app/Console/Commands/LdapSync.php
# app/Exceptions/Handler.php
# app/Http/Controllers/Api/AssetMaintenancesController.php
# app/Http/Controllers/Api/AssetModelsController.php
# app/Http/Controllers/Api/AssetsController.php
# app/Http/Controllers/Api/CategoriesController.php
# app/Http/Controllers/Api/CompaniesController.php
# app/Http/Controllers/Api/DepartmentsController.php
# app/Http/Controllers/Api/LicensesController.php
# app/Http/Controllers/Api/LocationsController.php
# app/Http/Controllers/Api/ManufacturersController.php
# app/Http/Controllers/Api/SettingsController.php
# app/Http/Controllers/Api/SuppliersController.php
# app/Http/Controllers/AssetModelsController.php
# app/Http/Controllers/Auth/LoginController.php
# app/Http/Controllers/CustomFieldsController.php
# app/Http/Controllers/SettingsController.php
# app/Models/Loggable.php
# app/Providers/AuthServiceProvider.php
# config/version.php
# database/migrations/2014_11_04_231416_update_group_field_for_reporting.php
# database/migrations/2015_11_08_222305_add_ldap_fields_to_settings.php
# package-lock.json
# package.json
# public/js/build/app.js
# public/js/dist/all.js
# public/mix-manifest.json
# resources/assets/js/components/forms/asset-models/fieldset-default-values.vue
# resources/views/hardware/view.blade.php
2022-02-20 13:29:12 -08:00
snipe
d6b8222371
Refactor to combine permissions
...
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 12:48:30 -08:00
snipe
2c5abaaea4
Fixed copypasta
...
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 12:32:09 -08:00
snipe
c1a0653847
Restrict to update or create gate methods for select lists
...
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 12:31:11 -08:00
snipe
9226c8292d
Fixed typos in comments
...
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 12:02:14 -08:00
snipe
5fafa81dc1
Forgot components
...
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 11:57:29 -08:00
snipe
b30d1dce89
Removed selectlist
...
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 11:55:24 -08:00
snipe
2dad27eed6
Added additional gate for selectlists
...
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 11:46:14 -08:00
Brady Wetherington
a15c0adc79
Fix "secure hostnames" feature for subdirectory-based Snipe-IT installs
2022-02-07 11:33:38 -08:00
Brady Wetherington
f1d4087317
Fix "secure hostnames" feature for subdirectory-based Snipe-IT installs
2022-02-07 11:26:54 -08:00
Brady Wetherington
44719e3dcc
Fix whitespace issues
2022-01-27 11:29:20 -08:00
Brady Wetherington
1cf1278b3b
Fix whitespace issues
2022-01-27 11:28:51 -08:00
Brady Wetherington
476075235a
Add some guardrails around very-badly formatted APP_URL settings
2022-01-27 11:24:21 -08:00
Brady Wetherington
70648dedd3
Add some guardrails around very-badly formatted APP_URL settings
2022-01-27 11:21:46 -08:00
Brady Wetherington
0c4768fd2a
Force UrlGenerator's Root URL to be the base of APP_URL unless overriden
...
(For v5)
2022-01-18 15:52:59 -08:00
Brady Wetherington
455bc736be
Force UrlGenerator's Root URL to be the base of APP_URL unless overriden
2022-01-18 15:31:30 -08:00
Brady Wetherington
3c7f2e89ec
Merge branch 'develop' into remove_old_ldap
...
Had to re-do the composer install because the conflicts were too complicated.
2022-01-03 12:56:58 -08:00
snipe
d08c1787a1
First steps at getting dusk working
...
Signed-off-by: snipe <snipe@snipe.net>
2021-11-30 20:09:29 -08:00
Brady Wetherington
4dda28de9e
WIP: cleaning up LDAP
2021-10-28 18:19:50 -07:00
Ivan Nieto Vivanco
23b770fac6
Added a validation to use the same name in categories with different types
2021-10-08 15:19:16 -05:00
snipe
a8123092af
Misc fixes for shift
...
// TODO - re-fix the exception handler
Signed-off-by: snipe <snipe@snipe.net>
2021-06-11 14:07:50 -07:00
Laravel Shift
b62d1f49e4
Shift cleanup
2021-06-10 20:19:27 +00:00
Laravel Shift
bdf23e472e
Shift to class based routes
2021-06-10 20:17:14 +00:00
Laravel Shift
ddc8b8648b
Shift service providers
2021-06-10 20:17:07 +00:00
Laravel Shift
802dc9240d
Shift bindings
...
PHP 5.5.9+ adds the new static `class` property which provides the fully qualified class name. This is preferred over using class name strings as these references are checked by the parser.
2021-06-10 20:16:56 +00:00
Laravel Shift
934afa036f
Adopt Laravel coding style
...
Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions.
You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started.
[1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer
[2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 20:15:52 +00:00
Brady Wetherington
2a28f5e66c
(Maybe?) Fixes the problem where we always need LDAP enabled ( #9321 )
...
* I *think* this fixes the problem where we need LDAP even if we aren't using it?
* Pull the LdapAd dependency out of the AuthController constructor
2021-04-20 14:53:47 -07:00
Brady Wetherington
792a31cc7f
Merge branch 'develop'
2021-04-06 20:10:22 -07:00
Lars Kajes
49532e1cd6
Add option to force TLS connection ( #9327 )
...
Co-authored-by: Lars Kajes <lars.kajes@iusinnovation.se>
2021-04-05 21:56:25 -07:00
snipe
c3871c98df
Updated rollbar package
2021-03-09 16:16:57 -08:00
snipe
e9ee9ea2e9
Fixed rollbar integration
2021-03-09 12:40:00 -08:00
snipe
a48d09f37e
Fixed non-superadmin gate permissions for kits ( #9029 )
2021-01-26 11:56:42 -08:00
Brady Wetherington
0329028e2c
Fixed #8926 , #8252 - introduce circular reference check for location parent_id - rebased from #8253 ( #8927 )
...
* Fixed #8252 - circular references in location parents
* Remove non-translated translation changes
* Fix typo
* Add loop limit to avoid unforseen infinite loops
* Remove check against parent_id in location controllers
* Remove the Location->id=null piece (no longer needed)
* Fix some formatting and whitespace
* Re-introduce accidentally merged-out language file
Co-authored-by: Travis Miller <milletr@tulsaschools.org>
2020-12-18 17:18:04 -08:00
snipe
973eacf6c3
Small fixes for SAML
...
The SAML routes are in a service provide (sigh), so they did not have the `web` middleware group assigned to it.
I also added some additional checks so that the setup blade won’t fail (the migrations wouldn’t have been run yet, so outside of a try/catch, it would return an error since those tables don’t exist.)
2020-11-24 13:51:02 -08:00
snipe
5abfbdd1d2
Allow API token expiration in years to be configured via env
2020-11-09 22:52:55 -08:00
snipe
460485d843
Make API tokens expire in 20 years
...
TODO: Make this configurable and report the expiration in the UI
2020-11-09 22:33:43 -08:00
snipe
c4b2ef5660
Removed debugging code
2020-11-02 20:10:18 -08:00
snipe
a55694da2f
Added validation to disallow password to be the same as username, email, etc
2020-11-02 20:03:26 -08:00
Brady Wetherington
0eda53c484
Add a new custom validator for Users to prevent someone from managing themselves
2020-10-23 16:55:10 -07:00
Brady Wetherington
262a964760
[WIP] fix ldap-sync for v5 with AdLdap2
2020-08-14 14:45:05 -07:00
snipe
6a089f86f8
Fixed pathing for accessories
2020-08-03 11:17:56 -07:00
snipe
a7eb89f6b6
Misc fixes for flysystem paths
2020-06-16 16:06:25 -07:00
Johnson Yi
b2930d6069
Added #542 : add saml authentication
2020-05-06 00:06:19 +10:00
snipe
039f5da0e1
Add image upload to user edit [ch10508] ( #7877 )
...
* Use correct Request include
* Updated to use additional form request
* Added SVG sanitizer
* Added response method to form request
* Allow ImageUploadRequest to accept fieldname params, added SVG sanitization, fixed delete
* Fixed upload path for avatars
* Added fieldname variable to blade partial for image upload
* Added enctype="multipart/form-data" to form to allow uploads
* Added image field
* Updated Request::old() to use $request->old()
* Fixed derp in edit blade referring to $item when it should be $user
* Added svg+xml to image rule
2020-03-05 18:00:24 -08:00