Commit graph

99 commits

Author SHA1 Message Date
snipe 8f6ea84fca Fixed #4568 - escaping values in custom report 2018-12-12 19:38:24 -08:00
Till Deeke 48bbbe0f40 Fixing authorization issues (#5807)
* adds permission checks for companies

* adds permission checks for depreciations

* adds permission check for all reports

* fixes permissions for departments

* fixes permission naming (edit -> update)

* fixes authorization checking wrong permission in API

The authorization was checking for the non-existent „edit“ method where it should have checked for the „update“ method.

* adds authorization checks for select2 lists

* adds missing authorization checks for api

* fixes user authorization check for creating users

* adds additional check viewing assets on showing a users assets

* Removes authorization checks for select2 lists

Reference: https://github.com/snipe/snipe-it/pull/5807#pullrequestreview-136018755
2018-07-12 18:28:02 -07:00
snipe d7dc4ae0c0 Added manager to custom report 2018-06-27 00:45:09 -07:00
snipe 8ad5eb3e59 Fixed #5500 - present() on correct location value 2018-05-08 09:21:43 -07:00
snipe 13195d06fd Fixed #5491 - added default location filter for custom report 2018-05-08 07:34:14 -07:00
snipe 0be69f57ac Improved files display 2018-05-02 14:13:06 -07:00
snipe 97f748d58e Removed old reports methods and routes
We only use the custom asset report now
2018-05-02 03:44:31 -07:00
snipe 5948a0b235 Added department to custom asset export 2018-04-16 20:10:38 -07:00
snipe 2253439940 Added default location/address to custom report 2018-04-05 17:33:25 -07:00
snipe 115d6e29df Added location address to custom asset report export 2018-03-26 15:59:09 -07:00
snipe 2f9fff7130 Do not try to show depreciation report if no depreciations are set up 2018-01-25 13:16:49 -06:00
snipe 11505d5d06 Fix crash if no asset model
(This should never happen, but shouldn’t crash if/when it does)
2018-01-25 00:25:43 -08:00
snipe c816870083 De-norm last audit date so we can display it in the asset listing 2017-12-12 03:03:43 -08:00
snipe 438f484d68 Removed duplicate purchase cost column 2017-12-05 14:03:08 -08:00
snipe f95d780fcf Include purchase cost column if depreciation is selected 2017-12-05 14:02:43 -08:00
snipe e490185533 Fixed EOL in custom report 2017-12-05 12:54:19 -08:00
snipe d7f2bceea2 Fixed incorrect property on supplier 2017-12-04 20:45:20 -08:00
snipe 8b4c85d69a Removed verbose logging 2017-12-01 16:56:50 -08:00
snipe 78a51d3675 Additional fixes, improvements for custom report 2017-12-01 16:51:38 -08:00
snipe 14874d8e8a Fixes #4495 - missing field in Download CSV, added filter options on custom report 2017-12-01 14:47:52 -08:00
snipe ff793f1cb5 Added variable to determine if “new” modal button should be displayed 2017-12-01 14:37:11 -08:00
snipe 8140bdaa88 Fixed repeated header issue in asset export 2017-12-01 14:25:32 -08:00
snipe a7e12931fa Check that assigned is an object in reports controller 2017-11-22 18:42:17 -08:00
snipe 8f160a8590 Fixed CSV asset export missing checked out to info 2017-11-22 13:05:48 -08:00
snipe 2b3b2e3197 Removed presenter references in custom report 2017-11-06 10:44:57 -08:00
snipe a9d9234fb3 One more fix for custom reports 2017-11-06 10:44:18 -08:00
snipe 936ff707c7 Fixed custom report bug if assignedTo has no value 2017-11-06 10:42:34 -08:00
snipe feb2f5b076 Fixed #4356 - removed reference to old assetloc 2017-10-31 18:20:03 -07:00
snipe 890012f6c4 Update references to assetloc to location 2017-10-28 02:58:38 -07:00
snipe 512632ce60 Make the export button contextual for requested status 2017-10-03 12:50:18 -07:00
snipe 54671af7f0 Small export assets fix 2017-10-03 11:49:41 -07:00
snipe 8e73cacf4e Fixes custom report to include assigned to names, etc 2017-10-03 10:38:28 -07:00
snipe b29d7beb3a Merge branch 'develop'
# Conflicts:
#	.gitignore
#	Dockerfile
#	README.md
#	app/Http/Controllers/AccessoriesController.php
#	app/Http/Controllers/AssetMaintenancesController.php
#	app/Http/Controllers/AssetsController.php
#	app/Http/Controllers/ConsumablesController.php
#	app/Http/Controllers/GroupsController.php
#	app/Http/Controllers/LicensesController.php
#	app/Http/Controllers/ReportsController.php
#	app/Http/Controllers/UsersController.php
#	app/Http/routes.php
#	app/Models/Depreciation.php
#	app/Models/Location.php
#	config/version.php
#	resources/views/account/view-assets.blade.php
#	resources/views/hardware/edit.blade.php
#	resources/views/hardware/view.blade.php
#	resources/views/partials/modals.blade.php
#	resources/views/reports/custom.blade.php
#	snipeit.sh
2017-09-22 16:12:18 -07:00
Daniel Meltzer 987536930c Assorted fixes (#3923)
* Fix some n+1 problems

* Use route in notification dropdown to make sure we link to correct page

* Work on better UI support for checkout to non-user.  Fix links on index bootstrap table, work towards eliminating assignedUser

* Remove Asset::assigneduser() relationship.  Instead add a checkedOutToUser() method and/or port to using assignedTo()

* Adjust string to fit new reality

* Fix #3780.  Move the consumables getDataView method to the ApiController.  Not entirely RESTful, but it's a weird method that probably doesn't need its own controller and the functionality would be strange to stack on the userscontroller...

* Fix file uploads to assets and restore the delete route.

* Add asset maintence edit action to index.

* Suppliers asset list should link to the related asset, not to the supplier with same ID.

* Asset models page should use polymorphic formatter on assigned to to better handle assorted item types.

* Comment out more assigneduser fallacy until we figure out the query builder approach to searching for location text.
2017-09-05 17:54:58 -07:00
snipe 16f57e16cb Fixes #1190 - added basic audit workflow 2017-08-25 10:04:19 -07:00
snipe 14f3868b46 Update all controllers to use laravel 5 return view method 2017-06-09 16:44:03 -07:00
snipe 40e11b6661 Removed old getActivityReportDataTable() method, since we’re using the API now 2017-05-23 14:30:55 -07:00
snipe 5614578710 Don’t make the item clickable if it’s been deleted 2017-05-09 15:30:19 -07:00
snipe bb4c443cd9 Added notes to custom report 2017-02-03 02:20:56 -08:00
snipe 729b709de2 Include notes in custom asset report 2017-02-03 02:16:37 -08:00
snipe 7b1d2ee050 Fixed typo 2017-01-17 11:57:24 -08:00
Daniel Meltzer 8a782bf34a Present assetlogs (#3112)
* Set user if asset is checked out to user.  fixes email problems.

* Use sometimes validation to ignore this when no values are present.

* Move Actionlog details to a presenter and port the activity table to use it.  Still need to port other parts of the application, but this consolidates a lot of logic.

* Attempt test fix

* Port users,licenses, and assets view to use the presenter to generate table values.
2016-12-29 22:23:36 -08:00
snipe 221cf1f9c8 Merge branch 'checkout-to-things-v1' of https://github.com/dmeltzer/snipe-it into dmeltzer-checkout-to-things-v1
# Conflicts:
#	app/Http/Controllers/AssetsController.php
#	app/Http/Controllers/ReportsController.php
#	app/Http/Controllers/UsersController.php
#	app/Presenters/AssetPresenter.php
2016-12-29 16:20:17 -08:00
snipe 51ceaedfaf Small phpcbf cleanup 2016-12-29 14:02:18 -08:00
Daniel Meltzer 8cc695b65f Port more assignedUser to assignedTo. 2016-12-29 09:31:16 -05:00
Daniel Meltzer 719463ef54 Progress 2016-12-27 22:04:11 -05:00
Daniel Meltzer d262aec4c3 Save Progress. 2016-12-27 19:24:41 -05:00
Daniel Meltzer 61543f3a04 Add presenters for models. (#3098)
* Add presenters for models.  Move bootstrap table JSON generation to these presenters, which cleans up controllers a lot.  Move view specific modifications from the models to the presenters as well.

* Fix some issues found by travis and codacy

* Fix a few more issues found while testing.

* Attempt another acceptance test fix

* Try something else

* Maybe..
2016-12-23 17:52:00 -08:00
Daniel Meltzer cd8c585377 Discussion: Moving to policies for controller based authorization (#3080)
* Make delete routes work.  We put a little form in the modal that spoofs the delete field.

* Fix route on creating a user.

* Fix redundant id parameter.

* Port acceptance tests to new urls.

* Initial work on migrating to model based policies instead of global gates.  Will allow for much more detailed permissions bits in the future.

* This needs to stay for the dashboard checks.

* Add user states for permissions to build tests.

* Build up unit tests for gates/permissions.  Move accessories/consumables/assets to policies instead of in authserviceprovider

* Migrate various locations to new syntax.  Update test to be more specific

* Fix functional tests.

Add an artisan command for installing a settings setup on travis-ci

* Try a different id... Need to come up with a better way of passing the id for tests that need an existing one.

* Try to fix travis

* Update urls to use routes and not hardcode old paths.  Also fix some migration errors found along the way.:

* Add a environment for travis functional tests.

* Adjust config file to make travis use it.

* Use redirect()->route instead of redirect()-to

* Dump all failures in the output directory if travis fails.

* Cleanups and minor fixes.

* Adjust the supplier modelfactory to comply with new validation restrictions.

* Some test fixes.

* Locales can be longer than 5 characters according to faker... fex gez_ET.  Increase lenght in mysql and add a validation

* Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
snipe 9ea05bacf3 User resource routes 2016-12-15 20:52:39 -08:00