Commit graph

2855 commits

Author SHA1 Message Date
snipe ff81e6d536
Merge pull request #10361 from snipe/fixes/xss_in_accessories_checkout_notes
Escape notes in transformCheckedOutAccessory
2021-11-24 19:56:36 -08:00
snipe 00fad35c2a Escape notes in transformCheckedOutAccessory
Signed-off-by: snipe <snipe@snipe.net>
2021-11-24 19:54:45 -08:00
snipe 3debe78574
Merge pull request #10350 from inietov/fixes/trim_custom_fields_names
Apply trim() function when storing Custom Fields names
2021-11-24 19:42:04 -08:00
snipe 830d07f84f Removed escaping on input save for asset checkout on creation
Signed-off-by: snipe <snipe@snipe.net>
2021-11-24 19:19:32 -08:00
Ivan Nieto Vivanco 1ca770895a Apply trim() function when storing Custom Fields names 2021-11-22 18:43:21 -06:00
snipe f7b483358f Escape custom field values in API response
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 20:32:59 -08:00
Brady Wetherington 3ea209a507 Escape asset_tag attribute at controller level for consumption in bulk checkout 2021-11-08 20:27:43 -08:00
snipe 76cc46c419
Merge pull request #9814 from 01ste02/importMinAmt
Improved Consumable Import: Import min_amt for consumables
2021-10-28 17:49:44 -07:00
snipe 2f9e5f79af
Merge pull request #10139 from FliegenKLATSCH/patch-1
API: Do not include deleted items per default on lookup by serial
2021-10-28 17:09:20 -07:00
snipe 17bf899a17 Set default_label to 0 instead of null in API
Signed-off-by: snipe <snipe@snipe.net>
2021-10-25 20:14:01 -07:00
snipe 8b1c60a17a Make gates a little more consistent
Signed-off-by: snipe <snipe@snipe.net>
2021-10-25 15:34:22 -07:00
snipe 033c3253bb Fixed permissions array to handle missing clone button
Signed-off-by: snipe <snipe@snipe.net>
2021-10-25 14:10:17 -07:00
FliegenKLATSCH 24c484303e Do not include deleted assets by default when doing lookup by serial
This commit introduces a new query parameter `deleted`, which can be set to `true` to include deleted assets in the response.
2021-10-09 08:56:31 +02:00
snipe 5d94b99035 Switched to 5 in one minute
Signed-off-by: snipe <snipe@snipe.net>
2021-10-08 15:53:32 -07:00
snipe 0674ef5a3d Fixed number to 1 (for minutes)
Signed-off-by: snipe <snipe@snipe.net>
2021-10-08 15:43:32 -07:00
snipe 702791210e Throttle password reset requests to 5 every 60 seconds
Signed-off-by: snipe <snipe@snipe.net>
2021-10-08 14:26:30 -07:00
snipe 1c77fd0d09
Merge pull request #10178 from inietov/bug/sc-17520/symfony_component_debug_exception_fatalthrowableerror
Fixed typo when setting the headers
2021-10-08 12:04:45 -07:00
Ivan Nieto Vivanco d184da8611 Fixed typo (thanks @ssddanbrown) 2021-10-08 13:39:49 -05:00
snipe ccd430ce07 Switched back down to debug level
Signed-off-by: snipe <snipe@snipe.net>
2021-10-06 12:38:21 -07:00
snipe f306401e7e Fixed SVG XSS vuln
Signed-off-by: snipe <snipe@snipe.net>
2021-10-06 12:26:45 -07:00
snipe c06a93ef13 Removed extra brace in assets for components
Signed-off-by: snipe <snipe@snipe.net>
2021-10-06 10:38:13 -07:00
Ivan Nieto Vivanco ef6eea67d8 Set headers in a different manner in the middleware 2021-10-05 14:09:35 -05:00
snipe 34eab88b7e Removed debugging
Signed-off-by: snipe <snipe@snipe.net>
2021-10-04 20:25:31 -07:00
snipe b20c841a89 Fixed asset models restore
Signed-off-by: snipe <snipe@snipe.net>
2021-10-04 19:29:13 -07:00
snipe 52caee2a9f Handle checking and unchecking for bulk actions
Signed-off-by: snipe <snipe@snipe.net>
2021-10-04 17:18:26 -07:00
snipe 52ea172e5d Fix ID array
Signed-off-by: snipe <snipe@snipe.net>
2021-10-04 17:18:07 -07:00
snipe 9b48732cd2 Force revalidation headers when user logs out
Signed-off-by: snipe <snipe@snipe.net>
2021-10-04 12:52:48 -07:00
snipe daa88f06f7 Added pivot to components JSON
Signed-off-by: snipe <snipe@snipe.net>
2021-09-30 15:51:08 -07:00
snipe d0acb9fdb4 Applies PR #10150 to master
Signed-off-by: snipe <snipe@snipe.net>
2021-09-30 15:33:00 -07:00
Brady Wetherington ae466be153 Fix license output, tweak CleanFloat function to handle numbers over 1 million 2021-09-28 19:10:25 -07:00
Brady Wetherington f3338667c7 Create new ParseCurrency helper and use it in the appropriate controllers 2021-09-28 18:20:39 -07:00
Brady Wetherington f380da3f19 Try to ensure all currency output is formatted correctly. 2021-09-28 16:45:47 -07:00
snipe 2f9582ee5c Switched to loadMissing for performance
Signed-off-by: snipe <snipe@snipe.net>
2021-09-23 17:31:19 -07:00
snipe 3b7ce0091c Load components in the assets API if components=true in API request
Signed-off-by: snipe <snipe@snipe.net>
2021-09-23 17:23:53 -07:00
snipe 6e270c0ed2 Include created_at in pivot
Signed-off-by: snipe <snipe@snipe.net>
2021-09-23 17:23:17 -07:00
snipe 3862b6476b
Merge pull request #10122 from inietov/fixes/api_issue_when_component_checkout
Fixes API Issue when checking out a component
2021-09-23 13:21:48 -07:00
Ivan Nieto Vivanco 7dfab3a6e2 Change the condition to 'bigger or equal' instead of just 'bigger than' in ComponentsController checkout api 2021-09-23 15:02:39 -05:00
snipe a6b3aa5f04 Don't try to delete the file if there is no log entry
Signed-off-by: snipe <snipe@snipe.net>
2021-09-22 19:04:25 -07:00
snipe b4a90045e6 Added totals to depreciation report footer
Signed-off-by: snipe <snipe@snipe.net>
2021-09-21 21:52:18 -07:00
snipe 0763c76a4e Fixed scoping with leftjoin
Signed-off-by: snipe <snipe@snipe.net>
2021-09-21 20:54:24 -07:00
snipe 5d32c17a2e Removed comments
Signed-off-by: snipe <snipe@snipe.net>
2021-09-21 20:01:36 -07:00
snipe 10ca7cffc3 Fixes for query scoping, ordering, and nicer readability
Signed-off-by: snipe <snipe@snipe.net>
2021-09-21 19:59:23 -07:00
snipe 61176335d7 Improved category_type with strtolower() to make it case insensitive
Signed-off-by: snipe <snipe@snipe.net>
2021-09-21 15:51:41 -07:00
snipe 9b52c61d95 Updated banner with better warning
Signed-off-by: snipe <snipe@snipe.net>
2021-09-20 18:49:04 -07:00
snipe 36464bc17d Fix confirmation, because apparently you can't pass that along via cli vs interactively
Signed-off-by: snipe <snipe@snipe.net>
2021-09-20 18:22:06 -07:00
snipe f35208d58d Clean up, find custom fields and drop those columns
Signed-off-by: snipe <snipe@snipe.net>
2021-09-20 18:03:13 -07:00
snipe 4d30edd535 Let's make sure to keep some of the stuff we need on the demo as well
Signed-off-by: snipe <snipe@snipe.net>
2021-09-20 17:29:32 -07:00
snipe 957f33c8cf First stab at a better pave command
Signed-off-by: snipe <snipe@snipe.net>
2021-09-20 17:19:41 -07:00
snipe 8a93e1e796 Remove asset call on depreciation report controller method
We ajax this in now, so no need for it

Signed-off-by: snipe <snipe@snipe.net>
2021-09-15 13:49:53 -07:00
snipe d96f877aa4 Default show_in_nav to 0
Signed-off-by: snipe <snipe@snipe.net>
2021-09-15 11:33:13 -07:00
snipe 02705d0d1a Fixed S3 upload path
Signed-off-by: snipe <snipe@snipe.net>
2021-09-14 12:49:17 -07:00
snipe 80175cffdc Fixed #9969 - added color, show_in_nav, and default_label to status labels API
Signed-off-by: snipe <snipe@snipe.net>
2021-09-10 20:44:49 -07:00
snipe 514f9aa64a Fixed #9973 - add use_default_eula to categories API endpoint
Signed-off-by: snipe <snipe@snipe.net>
2021-09-10 20:23:49 -07:00
Ivan Nieto Vivanco f1b8b7d11d Convert whatever value we get in column 'checkout type' to all lowercase 2021-09-08 12:49:29 -05:00
snipe cfaa6679af
Merge pull request #10031 from inietov/fixes/checkout_date_not_saved_in_asset_history
Fixed #10026: Checkout date not saved in asset history
2021-09-07 17:37:30 -07:00
snipe bb5a04491d
Merge pull request #10053 from inietov/fixes/accepted_assets_still_showing_unaccepted_report
Fix Accepted Assets still showing on Unaccepted Asset Report
2021-09-07 12:15:17 -07:00
snipe f9c0eee7c9
Merge pull request #10048 from inietov/fixes/blank_results_for_non_superadmins
Fix to PR #10009.  The asset search now works as intended for normal users
2021-09-07 12:14:29 -07:00
Ivan Nieto Vivanco 27ff0be9a8 Delete checkout acceptances when an asset is checked in without response 2021-09-07 12:01:32 -05:00
Ivan Nieto Vivanco b5525e6a21 Deleted additional bindings present also in the User model 2021-09-07 00:57:12 -05:00
Ivan Nieto Vivanco c3eb7a3425 Remove aditional bindings that 'overflows' the generated queries 2021-09-07 00:15:21 -05:00
snipe 94310e18b1 Presenters and Transformers for Depreciation report
Signed-off-by: snipe <snipe@snipe.net>
2021-09-01 17:33:59 -07:00
snipe 2f25eb598b Allow the Assets API controller to handle depreciation reports
Signed-off-by: snipe <snipe@snipe.net>
2021-09-01 17:33:39 -07:00
Ivan Nieto Vivanco e621eaf456 Change date showed in the activity report view, the condition is now on action_date 2021-09-01 13:58:17 -05:00
Ivan Nieto Vivanco ea1d7a42e2 Add condition to check if action_date have value and if it have assign it to created_at parameter 2021-09-01 13:08:08 -05:00
snipe 4293674f4a Added a few more fields to the users API
Signed-off-by: snipe <snipe@snipe.net>
2021-08-31 12:36:06 -07:00
snipe aeae681326 Fixecd copypasta from state to zip
Signed-off-by: snipe <snipe@snipe.net>
2021-08-31 12:28:20 -07:00
snipe 4794f93224 Added additional fields for user search
Signed-off-by: snipe <snipe@snipe.net>
2021-08-31 12:24:53 -07:00
snipe f58ed6bd1f
Merge pull request #9982 from Shankschn/master
Fixes: When using API CheckIn assets, there will be two CheckIn records in the Activity Report log for each asset.
2021-08-31 11:08:52 -07:00
Ivan Nieto Vivanco d917ae51b7 Remove e() function from other input fields 2021-08-31 04:01:20 -05:00
Ivan Nieto Vivanco e7470b5545 Remove e() function from the saved notes when updating an asset maintenance 2021-08-31 03:50:57 -05:00
snipe a02534b6c8
Merge pull request #10009 from inietov/fixes/blank_results_for_non_superadmins
Fixes #9985. Error 500 when using the asset search - blank results for non super-admins
2021-08-30 13:29:18 -07:00
snipe 6d3a82aacf
Merge pull request #10008 from uberbrady/fix_unlink_error_ldap
Fixed rb445 and rb446 - the unlink calls for the client-side certs...
2021-08-30 12:47:38 -07:00
Brady Wetherington da0b375773 Fixed rb445 and rb446 - the unlink calls for the client-side certs
need to be wrapped around a file-existence check
2021-08-30 12:29:16 -07:00
Ivan Nieto Vivanco d1304cc975 Add sentence to infer the table's name according to the query passed 2021-08-30 13:44:26 -05:00
snipe 085be16966 Merge remote-tracking branch 'origin/develop' 2021-08-25 14:45:41 -07:00
Ivan Nieto Vivanco 4a79c77630 Add a condition to checkin licenses assigned to Assets 2021-08-25 16:38:34 -05:00
Ivan Nieto Vivanco 137f55e4ce Change condition to return the actual max upload size allowed to files 2021-08-25 15:27:25 -05:00
snipe 4abb9baa95 Merge remote-tracking branch 'origin/develop' 2021-08-24 15:29:41 -07:00
Shanks 961e80404a
Update AssetsController.php
Fix:When using API CheckIn assets, there will be two CheckIn records in the Activity Report log for each asset.
2021-08-24 16:39:58 +08:00
snipe 70f6753f50
Merge pull request #9979 from uberbrady/add_client_side_ldap_certs
Add client side ldap certs
2021-08-23 16:30:46 -07:00
snipe 9285697611 Merge remote-tracking branch 'origin/develop' 2021-08-20 17:30:52 -07:00
snipe 9687bcb41c Fixed issue where consumables model number was not searchable
Signed-off-by: snipe <snipe@snipe.net>
2021-08-20 17:30:35 -07:00
snipe 24af2ab67a Merge remote-tracking branch 'origin/develop' 2021-08-18 14:31:53 -07:00
snipe 7b447a2f16 Merge branch 'develop' of https://github.com/snipe/snipe-it into develop 2021-08-18 14:31:38 -07:00
Ivan Nieto Vivanco f04e23cacb Add a small refactor so we not repeat logic 2021-08-18 15:22:53 -05:00
Ivan Nieto Vivanco 4207858a14 Fix the count in StatuslabelsController@getAssetsCountByStatuslabel() function that allows it to pass the correct index
Also edit the default color for assets with the Pending label, so it match the color in the docs
2021-08-18 14:08:35 -05:00
snipe b88fde5dae Nicer comment formatting
Signed-off-by: snipe <snipe@snipe.net>
2021-08-18 12:07:09 -07:00
snipe b5bb74b8ca Merge remote-tracking branch 'origin/develop' 2021-08-17 22:01:23 -07:00
snipe cce808c784 Fixed #9909 and #9714 - applies v6 currency formatter to v5 [ch16628]
Duplicates d4e46ee41f but on v5

Signed-off-by: snipe <snipe@snipe.net>
2021-08-17 21:59:33 -07:00
Brady Wetherington 4d4badf830 Got the client-side LDAP setup working well enough for sync! 2021-08-17 14:43:36 -07:00
James Emanuel 98285001ac
Fixing Typo on creating Depreciation 2021-08-16 15:33:17 +03:00
snipe 29c584289f Merge remote-tracking branch 'origin/develop' 2021-08-14 14:09:31 -07:00
snipe ef687fdc7b Fixed typo
Signed-off-by: snipe <snipe@snipe.net>
2021-08-14 14:07:04 -07:00
snipe 45caa8a90d Added restore functionalty to asset API
Signed-off-by: snipe <snipe@snipe.net>
2021-08-14 14:06:15 -07:00
Godfrey M 01037cf9cb initial commit: adds migration, input area and transformer modifications for depreciation minimum value [ch15358] 2021-08-10 18:26:43 -07:00
snipe cdc4940338
Merge pull request #9881 from inietov/fixes/integrity_constraint_violation__emailing_password_reset
Fixes Integrity constraint violation when emailing password reset.
2021-07-30 16:01:53 -07:00
Ivan Nieto Vivanco 27cdfbc579 Edit the log message 2021-07-29 16:14:52 -05:00
Ivan Nieto Vivanco 405545cd88 Add exception handling in the ForgotPasswordController 2021-07-29 16:02:45 -05:00
snipe 593e1234a5
Merge pull request #9797 from markbrule/fixes/search_parameter_checkedout_api
Fixed #9671: wrap OR queries in sub-condition in checkedout search
2021-07-27 14:39:10 -07:00
snipe 9a5d9eafeb
Merge pull request #9709 from morning-bird/master
add CompanyableTrait
2021-07-27 14:38:21 -07:00