Commit graph

2519 commits

Author SHA1 Message Date
Daniel Meltzer c70bd62a0f
Missing includes. Fix by using the request object instead of facade. 2020-05-23 11:36:16 -04:00
Daniel Meltzer ad1db2c640
Fix incorrectly named parameter. 2020-05-23 10:26:56 -04:00
snipe f88683766b
Roll back previous change
Signed-off-by: snipe <snipe@snipe.net>
2020-05-14 00:55:47 -07:00
snipe e4385c0f8c
Fixes #8051 regression
Signed-off-by: snipe <snipe@snipe.net>
2020-05-14 00:48:30 -07:00
Daniel Meltzer a6f90cb3fc
Assorted licenses UI fixes while testing.
* Rename licenses route checkin parameter to clarify it's purpose and
fix incorrect route in users view page.
* Checkin note can be nullable for checking in a license.
* License Seat view was only showing 20 license seats due to faulty
transformer logic.
2020-05-12 14:38:21 -04:00
snipe 274f82893f
Regenerate session ID on logout
Signed-off-by: snipe <snipe@snipe.net>
2020-05-12 10:38:00 -07:00
snipe 0550fe0ffa
Fix for session fixation vulnerability
Signed-off-by: snipe <snipe@snipe.net>
2020-05-12 10:31:54 -07:00
snipe 730632e2eb
Apply PR #8043 to develop
Signed-off-by: snipe <snipe@snipe.net>
2020-05-11 22:57:55 -07:00
snipe 95cc48e422
Added option to disable backup in import
Signed-off-by: snipe <snipe@snipe.net>
2020-05-11 20:41:10 -07:00
snipe bb42109c0c
Added a clarifying comment
Signed-off-by: snipe <snipe@snipe.net>
2020-05-11 18:10:45 -07:00
snipe b9e821c0e6
Small fix for Group Functional Tests
Signed-off-by: snipe <snipe@snipe.net>
2020-05-11 18:07:14 -07:00
Johnson Yi c1c37d521c Allow downloading sp metadata without idp 2020-05-06 19:50:50 +10:00
Johnson Yi b2930d6069 Added #542: add saml authentication 2020-05-06 00:06:19 +10:00
snipe 85712a1960
Only override fieldset_id with custom_fieldset_id if it’s present
This is mostly to support prior versions. I have NFC why we did this in the first place. I’m sure I had a stellar reason, but couldn’t tell you what it is today.

Signed-off-by: snipe <snipe@snipe.net>
2020-04-30 20:59:42 -07:00
snipe e9cb17394c
Small validation fix on reset password
Signed-off-by: snipe <snipe@snipe.net>
2020-04-30 19:10:07 -07:00
snipe 8507bcd16b
Merge pull request #8008 from dmeltzer/component-checkinout-fixes
Component checkout/checkin fixes.
2020-04-30 17:49:22 -07:00
snipe b488cffc7e
Merge pull request #8006 from dmeltzer/api-test-fixes
Test fixes pt 2.
2020-04-30 17:46:25 -07:00
snipe 8bb3c01f78
Addressed merge issue for reset password for #7997
Signed-off-by: snipe <snipe@snipe.net>
2020-04-30 17:45:05 -07:00
snipe 82e02490fd
Removed duplicate update method (per #7997)
Signed-off-by: snipe <snipe@snipe.net>
2020-04-30 17:23:56 -07:00
Daniel Meltzer 68224757f4
Validate when editing the quantity of a component that the new quantity is > the amount checked out 2020-04-29 13:25:04 -04:00
Daniel Meltzer 358609720a
Component checkout/checkin fixes.
- Provide proper translated messages for checkin vs checkout
- Pass appropriate methods to the Checkout event, fixes an error on
checkin.
- Default to a value of 1 on checkin in UI to save a click sometimes.
2020-04-29 12:50:09 -04:00
Daniel Meltzer 1f8c3cc670
Test fixes. 2020-04-29 11:03:07 -04:00
Daniel Meltzer f8d18a8eb0
Revert asset-checkout-different validation.
This was causing issues when trying to check an item out to a user or a
location because of the way laravel handles validation.

Instead, rely on the exception check we had in the controller.  I moved
this exception up to the model checkout method so that it would work
for anywhere that that method was called, even if it avoided the
controller.
2020-04-29 10:59:00 -04:00
Daniel Meltzer 05187eb27f
Fix Functional Tests. 2020-04-28 11:39:53 -04:00
Daniel Meltzer c74b904f14
Fix Location parent different validation on new location creation. 2020-04-28 11:39:52 -04:00
snipe 412caebf69
Fixed logo uploads
Signed-off-by: snipe <snipe@snipe.net>
2020-04-27 23:22:52 -07:00
snipe 5bb4f271aa
Fixed #7987 - allow toggle of required/optional in custom fields/fieldsets
Signed-off-by: snipe <snipe@snipe.net>
2020-04-24 00:47:19 -07:00
snipe bea3a7b982
Fixed #7987 - allow toggle of required/optional in custom fields/fieldsets
Signed-off-by: snipe <snipe@snipe.net>
2020-04-24 00:39:32 -07:00
snipe f66ce02756
Added debugging logs
Signed-off-by: snipe <snipe@snipe.net>
2020-04-23 22:46:02 -07:00
snipe c7b300a50d
Updated LDAP sync controller to use new Adldap2 connections
Signed-off-by: snipe <snipe@snipe.net>
2020-04-23 22:45:44 -07:00
snipe cdd0e405be
Fixed weird merge
Signed-off-by: snipe <snipe@snipe.net>
2020-04-22 07:12:29 -07:00
snipe b725e788ec
Applied new selectlist search to locations
Signed-off-by: snipe <snipe@snipe.net>
2020-04-22 06:39:41 -07:00
snipe 69a1732245
Removed duplicate form request in asset models controller
Signed-off-by: snipe <snipe@snipe.net>
2020-04-22 03:51:10 -07:00
snipe 7e9e5214ef
Fixed status label create error
Signed-off-by: snipe <snipe@snipe.net>
2020-04-22 03:50:43 -07:00
snipe 7a33e335d4
Fixes PSR autoloading issue 2020-04-21 20:15:24 -07:00
snipe 29b05d2020
Fixed syntax error in image upload request from mangled merge 2020-04-21 06:29:57 -07:00
snipe c17106d1b3
Fixes for settings controller 2020-04-21 04:08:25 -07:00
snipe cb71bcc4af
Switch to old() helper 2020-04-21 03:58:31 -07:00
snipe 87464e6ec0
Merge branch 'develop' into integrations/2020-04-15-v5-merge
# Conflicts:
#	README.md
#	app/Http/Controllers/AccessoriesController.php
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/Api/LicensesController.php
#	app/Http/Controllers/Api/LocationsController.php
#	app/Http/Controllers/Api/SettingsController.php
#	app/Http/Controllers/Api/UsersController.php
#	app/Http/Controllers/AssetModelsController.php
#	app/Http/Controllers/Assets/AssetsController.php
#	app/Http/Controllers/Auth/ForgotPasswordController.php
#	app/Http/Controllers/CategoriesController.php
#	app/Http/Controllers/CompaniesController.php
#	app/Http/Controllers/ComponentsController.php
#	app/Http/Controllers/ConsumablesController.php
#	app/Http/Controllers/CustomFieldsetsController.php
#	app/Http/Controllers/DepartmentsController.php
#	app/Http/Controllers/LicensesController.php
#	app/Http/Controllers/LocationsController.php
#	app/Http/Controllers/ManufacturersController.php
#	app/Http/Controllers/SettingsController.php
#	app/Http/Controllers/SuppliersController.php
#	app/Http/Controllers/UsersController.php
#	app/Http/Requests/AssetRequest.php
#	app/Http/Requests/ImageUploadRequest.php
#	app/Models/LicenseSeat.php
#	app/Models/Location.php
#	app/Models/Setting.php
#	composer.json
#	composer.lock
#	config/database.php
#	config/version.php
#	npm-shrinkwrap.json
#	package.json
#	public/css/AdminLTE.css
#	public/css/AdminLTE.css.map
#	public/css/overrides.css
#	public/css/overrides.css.map
#	public/css/skins/skin-blue-light.css
#	public/css/skins/skin-blue.css
#	public/css/skins/skin-green-dark.min.css
#	public/js/app.js
#	public/js/bootstrap-table.js
#	public/js/bootstrap/js/bootstrap.js
#	public/js/bootstrap/js/bootstrap.min.js
#	public/js/build/all.js
#	public/js/build/vue.js
#	public/js/build/vue.js.map
#	public/js/demo.js
#	public/js/ekko-lightbox.js
#	public/js/ekko-lightbox.min.js
#	public/js/extensions/export/bootstrap-table-export.js
#	public/js/extensions/multiple-sort/bootstrap-table-multiple-sort.js
#	public/js/extensions/multiple-sort/bootstrap-table-multiple-sort.min.js
#	public/js/extensions/toolbar/bootstrap-table-toolbar.min.js
#	public/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.js
#	public/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.min.js
#	public/js/plugins/timepicker/bootstrap-timepicker.js
#	public/js/plugins/timepicker/bootstrap-timepicker.min.js
#	public/js/vue.js
#	public/mix-manifest.json
#	resources/assets/js/bootstrap-js.js
#	resources/assets/js/bootstrap.min.js
#	resources/assets/js/ekko-lightbox.js
#	resources/assets/js/ekko-lightbox.min.js
#	resources/assets/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.js
#	resources/assets/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.min.js
#	resources/assets/js/plugins/chartjs/Chart.js
#	resources/assets/js/plugins/timepicker/bootstrap-timepicker.js
#	resources/assets/js/plugins/timepicker/bootstrap-timepicker.min.js
#	resources/assets/less/AdminLTE.less
#	resources/assets/less/overrides.less
#	resources/assets/less/skins/_all-skins.less
#	resources/assets/less/skins/skin-black.less
#	resources/assets/less/skins/skin-blue.less
#	resources/assets/less/skins/skin-green.less
#	resources/assets/less/skins/skin-purple.less
#	resources/assets/less/skins/skin-red.less
#	resources/assets/less/skins/skin-yellow.less
#	resources/assets/less/variables.less
#	resources/js/components/importer/importer-file.vue
#	resources/lang/en/auth/message.php
#	resources/lang/en/passwords.php
#	resources/lang/es-CO/general.php
#	resources/lang/es-ES/general.php
#	resources/lang/es-VE/general.php
#	resources/less/skins/skin-black-dark.less
#	resources/less/skins/skin-blue-dark.less
#	resources/less/skins/skin-contrast.less
#	resources/less/skins/skin-green-dark.less
#	resources/less/skins/skin-orange-dark.less
#	resources/less/skins/skin-orange.less
#	resources/less/skins/skin-purple-dark.less
#	resources/less/skins/skin-red-dark.less
#	resources/less/skins/skin-yellow-dark.less
#	resources/views/accessories/checkin.blade.php
#	resources/views/accessories/checkout.blade.php
#	resources/views/accessories/edit.blade.php
#	resources/views/account/profile.blade.php
#	resources/views/account/view-assets.blade.php
#	resources/views/asset_maintenances/edit.blade.php
#	resources/views/auth/passwords/email.blade.php
#	resources/views/auth/passwords/reset.blade.php
#	resources/views/categories/edit.blade.php
#	resources/views/companies/edit.blade.php
#	resources/views/components/checkin.blade.php
#	resources/views/components/checkout.blade.php
#	resources/views/components/edit.blade.php
#	resources/views/consumables/checkout.blade.php
#	resources/views/consumables/edit.blade.php
#	resources/views/custom_fields/fields/edit.blade.php
#	resources/views/custom_fields/fieldsets/edit.blade.php
#	resources/views/dashboard.blade.php
#	resources/views/departments/edit.blade.php
#	resources/views/groups/edit.blade.php
#	resources/views/hardware/audit.blade.php
#	resources/views/hardware/bulk-checkout.blade.php
#	resources/views/hardware/bulk.blade.php
#	resources/views/hardware/checkin.blade.php
#	resources/views/hardware/checkout.blade.php
#	resources/views/hardware/edit.blade.php
#	resources/views/hardware/index.blade.php
#	resources/views/hardware/quickscan.blade.php
#	resources/views/hardware/view.blade.php
#	resources/views/importer/import.blade.php
#	resources/views/layouts/basic.blade.php
#	resources/views/layouts/default.blade.php
#	resources/views/layouts/edit-form.blade.php
#	resources/views/licenses/checkin.blade.php
#	resources/views/licenses/checkout.blade.php
#	resources/views/licenses/edit.blade.php
#	resources/views/locations/edit.blade.php
#	resources/views/manufacturers/edit.blade.php
#	resources/views/modals/upload-file.blade.php
#	resources/views/models/bulk-edit.blade.php
#	resources/views/models/custom_fields_form.blade.php
#	resources/views/models/edit.blade.php
#	resources/views/partials/bootstrap-table.blade.php
#	resources/views/partials/forms/edit/address.blade.php
#	resources/views/partials/forms/edit/asset-select.blade.php
#	resources/views/partials/forms/edit/category-select.blade.php
#	resources/views/partials/forms/edit/category.blade.php
#	resources/views/partials/forms/edit/company-select.blade.php
#	resources/views/partials/forms/edit/company.blade.php
#	resources/views/partials/forms/edit/department-select.blade.php
#	resources/views/partials/forms/edit/depreciation.blade.php
#	resources/views/partials/forms/edit/email.blade.php
#	resources/views/partials/forms/edit/image-upload.blade.php
#	resources/views/partials/forms/edit/item_number.blade.php
#	resources/views/partials/forms/edit/location-profile-select.blade.php
#	resources/views/partials/forms/edit/location-select.blade.php
#	resources/views/partials/forms/edit/location.blade.php
#	resources/views/partials/forms/edit/maintenance_type.blade.php
#	resources/views/partials/forms/edit/manufacturer-select.blade.php
#	resources/views/partials/forms/edit/manufacturer.blade.php
#	resources/views/partials/forms/edit/minimum_quantity.blade.php
#	resources/views/partials/forms/edit/model-select.blade.php
#	resources/views/partials/forms/edit/model_number.blade.php
#	resources/views/partials/forms/edit/name.blade.php
#	resources/views/partials/forms/edit/notes.blade.php
#	resources/views/partials/forms/edit/order_number.blade.php
#	resources/views/partials/forms/edit/phone.blade.php
#	resources/views/partials/forms/edit/purchase_cost.blade.php
#	resources/views/partials/forms/edit/purchase_date.blade.php
#	resources/views/partials/forms/edit/quantity.blade.php
#	resources/views/partials/forms/edit/serial.blade.php
#	resources/views/partials/forms/edit/status.blade.php
#	resources/views/partials/forms/edit/submit.blade.php
#	resources/views/partials/forms/edit/supplier-select.blade.php
#	resources/views/partials/forms/edit/supplier.blade.php
#	resources/views/partials/forms/edit/user-select.blade.php
#	resources/views/reports/custom.blade.php
#	resources/views/settings/alerts.blade.php
#	resources/views/settings/asset_tags.blade.php
#	resources/views/settings/barcodes.blade.php
#	resources/views/settings/branding.blade.php
#	resources/views/settings/general.blade.php
#	resources/views/settings/labels.blade.php
#	resources/views/settings/ldap.blade.php
#	resources/views/settings/localization.blade.php
#	resources/views/settings/security.blade.php
#	resources/views/setup/user.blade.php
#	resources/views/suppliers/edit.blade.php
#	resources/views/users/bulk-edit.blade.php
#	resources/views/users/edit.blade.php
#	resources/views/users/ldap.blade.php
#	resources/views/users/print.blade.php
#	resources/views/users/view.blade.php
#	routes/api.php
#	routes/web/hardware.php
#	webpack.mix.js
2020-04-20 23:20:34 -07:00
snipe 197a84be94
Commented out rtd_location_id override - why did we do that? 2020-04-09 14:17:39 -07:00
snipe b4fa4c77d7
Check for rtd_location_id before trying to assign 2020-04-09 14:14:30 -07:00
snipe cfec142c3b
Better handle models without a fieldset in the asset request [RB 9935] 2020-04-09 11:18:54 -07:00
snipe f8a72db696
Changed LDAP 600 to 500, clearer error messages on LDAP test 2020-04-09 09:55:44 -07:00
snipe 206bd675f2
Pulled slack validation out of setting model validation so it doesn’t fail mysteriously on other pages 2020-04-08 15:07:02 -07:00
snipe a0f7fdc57a
Merge branch 'fixes/accessibility_fixes'
# Conflicts:
#	public/css/build/all.css
#	public/css/dist/all.css
#	public/js/build/all.js
#	public/js/build/vue.js
#	public/js/build/vue.js.map
#	public/js/dist/all.js
#	public/mix-manifest.json
#	resources/assets/js/components/importer/importer-file.vue
2020-04-08 11:19:42 -07:00
snipe 79232fc434
Fixed #7947 - Added rtd_location_id to API search 2020-04-08 11:00:04 -07:00
snipe 0b3f511534
Fixed compact() errors 2020-04-07 17:26:56 -07:00
snipe 893944403e
Check for location_id being set before trying to set it on checkout via API 2020-04-06 15:54:40 -07:00
snipe d7873f257d Fixed CSP for importer 2020-04-06 14:18:45 -07:00
snipe e7c1418314 Fixed possible typo in CSP 2020-04-01 19:47:42 -07:00
snipe 4dcc1ffdbc More form labels 2020-04-01 02:22:24 -07:00
snipe 7d466f3584 Update user uploads for more data to work with recport 2020-04-01 02:22:16 -07:00
snipe 6174f9b93f Check that there is actually a filed ID submitted 2020-04-01 01:25:31 -07:00
snipe a467a6999e Use upload modal 2020-03-31 22:50:07 -07:00
snipe 6066c249d5 Moved gate to the top of the method 2020-03-06 16:01:13 -08:00
Ivan Nieto 025ea93f05
Fix for when a user with the correct permissions couldn't update Manufacturers. (#7882)
* Changed the ability name from 'edit' to 'update'. Changed the order of execution: first checks if the manufacturer exists, then checks permissions

* Handles the update method, that also has the ability parameter as edit instead of update"
q

* Revert "Handles the update method, that also has the ability parameter as edit instead of update""

This reverts commit d7dc0e451e.

* Handles the update method, that also has the ability parameter as 'edit' instead of 'update'
2020-03-06 15:59:51 -08:00
snipe 54fd8f81ff
Added permissions on user api (#7883)
* Add permissions to user edit API

* Add user permissions on user create/update API endpoint
2020-03-06 15:28:46 -08:00
snipe ca43554327
Fixes search by serial or tag even if they have slashes in them (#7879)
* Fixes search by serial or tag even if they have slashes in them

* Added support for url param byTag and bySerial

* Fixed typo comments

* Sojme additional comments to clarify use-cases

* Updated comments for clarity
2020-03-06 14:55:20 -08:00
snipe 039f5da0e1
Add image upload to user edit [ch10508] (#7877)
* Use correct Request include

* Updated to use additional form request

* Added SVG sanitizer

* Added response method to form request

* Allow ImageUploadRequest to accept fieldname params, added SVG sanitization, fixed delete

* Fixed upload path for avatars

* Added fieldname variable to blade partial for image upload

* Added enctype="multipart/form-data"  to form to allow uploads

* Added image field

* Updated Request::old() to use $request->old()

* Fixed derp in edit blade referring to $item when it should be $user

* Added svg+xml to image rule
2020-03-05 18:00:24 -08:00
snipe 8b2f8ef3cb Spelling is hard :( 2020-03-04 22:19:59 -08:00
snipe 15518852aa Added validation to reject email addresses over 250 characters 2020-03-04 22:08:07 -08:00
snipe dfb9e430fa Removed debug line 2020-02-11 22:09:37 -08:00
snipe c33970e3e3 Added timestamp to uploaded files so they are unique and don’t overwrite
Laravel 6 now does this automaically, so we should switch to their way
2020-02-11 20:19:59 -08:00
Godfrey Martinez 0e0fe967e4
BadMethodCallException Method update does [ch10544] (#7804) 2020-02-10 19:27:23 -08:00
snipe 2f0ed129f0 Use “invalid barcode” image and suppress errors when barcode format is wrong 2020-02-04 18:15:01 -08:00
Fabian Grutschus 5becb93e6c
Added: allow appending of domain name to username when user tries to login (#7790) 2020-02-04 12:47:49 -08:00
snipe 3361b859c0
Changes offset to use the actual item count as override instead of 0 (#7788) 2020-02-04 12:32:24 -08:00
snipe 89e2a3ae3c Fixed #7752 - reformat /api/v1/users/me to use transformer 2020-01-30 13:12:43 -08:00
snipe 5f85d8132b
Fix for weird JSON parsing in actionlogs (#7753)
* Fix for weird JSON parsing in actionlogs

* Removed debugging code

* Check for the meta array

(If no fields, no array)
2020-01-24 17:31:43 -08:00
snipe 56582614b6 Merge branch 'develop' of https://github.com/snipe/snipe-it into develop 2020-01-22 16:07:46 -08:00
Ivan Nieto 313cacdb71 Select Import File fails in Develop [ch10598] (#7718)
* Delete an unused import, then replace a deprecated facade with the needed one for uploading files

* Added the needed use for the Request Facade
2020-01-17 16:12:51 -08:00
Ivan Nieto 75bf8f3d58 Remove not existent variable 'id' in the redirect causing [ch10602] (#7732) 2020-01-17 16:12:24 -08:00
snipe 324da7c0c8 Include correct license, asset, etc count on user show API call 2019-12-19 18:09:53 -08:00
snipe 779fc6d195 Added license endpoint for users 2019-12-19 18:00:36 -08:00
snipe 159acf6788 Removed extra space 2019-12-19 17:47:50 -08:00
snipe 94ce8cad64 Make sure $user->item exists before trying to count on it 2019-12-11 14:43:46 -08:00
snipe 4d38c44a93 Fixed groups request 2019-12-11 11:26:58 -08:00
snipe c31e150935 Use $request->input over Request::get() 2019-12-11 11:09:54 -08:00
snipe a5b180a9c6 Fixed Call to a member function count() on null for location delete 2019-12-11 10:46:07 -08:00
snipe a8bbb951bc Use Request instead of Input 2019-12-10 22:05:49 -08:00
snipe df778cdb80 Include storage in use statements 2019-12-10 22:03:15 -08:00
snipe d7c51f1a2c Added Request to use statements 2019-12-10 20:39:29 -08:00
snipe 296de34e8a
WIP: Upgrade develop to Laravel 6.6.1 (#7637)
I'm going ahead and merging this, since the upgrade doesn't break Flysystem any worse than the current develop is broken, so far as I can tell. 


* Upgraded framework to Laravel 6

### TO DO:

- Fix password restriction rules- the old library isn’t compatible with Laravel 6 :(
- Figure out why in-app API calls are returning “Unauthorized”

* More updates from Input:: to Request:: helper

* Switch to Request:: from Input

* Added passport config

* Fixed goofy password minimum in seeder

* Added laravel/helpers

* Changed ($item)  to ($item->id) in forms

I have no idea why this is necessary

* Changed ($item) to ($item->id) in forms

* Updated API middleware to auth:api

* Updated with added laravel auth.php values

* FIxed *&!^$%^&$^%!!!! ajax issue

* Switch to Request::get from Input::get

* Switched to Request facade

* Added password security minimums back in

The package we were using has not been updated to Laravel v6, so I created custom validators instead

* Added language strings for error messages for password rules

* Fixed `($item)` issue in formActions for partials
2019-12-10 19:32:50 -08:00
snipe ff57f10e9f
Fix for searching on child location names (#7646)
* Fix for child locations

* Reverts temp changes to indenter
2019-12-06 13:14:10 -08:00
Ivan Nieto 9291e3ada3 Added a validation to Transformers/LocationsTransformer.php:transformLocations() in case location doesn't have children location (#7640) 2019-12-06 11:42:36 -08:00
Yorick Terweijden 2a6a381bc7 Return real Asset error (#7054) 2019-12-06 11:07:12 -08:00
Valentyn Tulub 6ad1f51673 Added #6489: show asset assignments under user assignments (#7293)
* Add a setting to show assets assigned to other assets #6489

* Update user's views to show assets assigned to other assets #6489

* Add ukrainian and russian translation for the feature #6489 in settings
2019-12-06 10:57:48 -08:00
herroworrd 3fbfb0c658 Add requestable to asset model api results (#7577)
Nice, thanks!
2019-12-06 10:33:06 -08:00
Lorenzo P 7225b53986 fix syntax error in CustomFieldsetsController::show() (#7595)
That someone was probably me :D Thanks for this, good catch!
2019-12-06 10:31:00 -08:00
snipe e71e57f16a
Fixed XSS vulnerability in SVG image uploads [ch10476] (#7639)
* Added enshrined/svg-sanitize

* Added modular image resizing/SVG cleaning method

(This already exists in v5, so I mostly ported it forward and added the SVG sanitizer.)

* Use improved handleImages method to upload/resize/clean images

* Removed $old_image

This is handled in the ImageUpload request now
2019-12-05 22:23:05 -08:00
snipe ff8d98c97c
Update child assets to reflect asset parent location (#7458) 2019-12-04 16:19:25 -08:00
snipe 04cf8d7fbf Removed Helper reference since it’s autoloaded 2019-12-04 15:56:55 -08:00
snipe c635db0a76 Fixed upload parh for asset models 2019-12-04 15:23:49 -08:00
snipe 704c696711 Fixed parse error in settings controller 2019-12-04 14:54:36 -08:00
snipe 88cf456386
Adding Dept to license seats (#7609)
* Adding Dept to license seats

* Added query scope to order by department

* Make license seat department sortable

* Disable license seat internal search - this never actually worked
2019-11-21 22:03:56 -08:00
snipe 5065164c40 Bumped Carbon version 2019-11-21 13:14:18 -08:00
snipe 5290c47e2a Merge branch 'develop' into v5-master-develop-integration
# Conflicts:
#	.env.example
#	.travis.yml
#	Dockerfile
#	README.md
#	app/Console/Commands/LdapSync.php
#	app/Console/Kernel.php
#	app/Http/Controllers/AccessoriesController.php
#	app/Http/Controllers/Api/AccessoriesController.php
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/Api/LocationsController.php
#	app/Http/Controllers/Api/SettingsController.php
#	app/Http/Controllers/Api/UsersController.php
#	app/Http/Controllers/AssetModelsController.php
#	app/Http/Controllers/Assets/AssetFilesController.php
#	app/Http/Controllers/Assets/AssetsController.php
#	app/Http/Controllers/CategoriesController.php
#	app/Http/Controllers/CompaniesController.php
#	app/Http/Controllers/ComponentsController.php
#	app/Http/Controllers/ConsumablesController.php
#	app/Http/Controllers/DepartmentsController.php
#	app/Http/Controllers/LicensesController.php
#	app/Http/Controllers/LocationsController.php
#	app/Http/Controllers/ManufacturersController.php
#	app/Http/Controllers/ReportsController.php
#	app/Http/Controllers/SettingsController.php
#	app/Http/Controllers/SuppliersController.php
#	app/Http/Controllers/UsersController.php
#	app/Http/Middleware/EncryptCookies.php
#	app/Http/Requests/AssetRequest.php
#	app/Http/Transformers/AssetMaintenancesTransformer.php
#	app/Importer/AssetImporter.php
#	app/Models/AssetMaintenance.php
#	app/Models/Location.php
#	app/Models/User.php
#	composer.json
#	composer.lock
#	config/backup.php
#	config/database.php
#	config/version.php
#	public/mix-manifest.json
#	resources/lang/en-ID/general.php
#	resources/lang/vi/admin/settings/general.php
#	resources/views/accessories/edit.blade.php
#	resources/views/hardware/view.blade.php
#	resources/views/layouts/default.blade.php
#	tests/api/ApiCategoriesCest.php
2019-11-18 19:49:39 -08:00
snipe a73fd24695 Fix maintenances permissions check to allow users who can edit assets to edit maintenances 2019-11-08 17:02:17 -08:00
Marián Skrip 53eae6fbfd Fix issues with update permission naming (#7493)
This solves an issue when admin would be able to create and delete
categories but not edit them.
2019-10-28 11:44:48 -07:00
Alexandr Hacicheant a90149940a Update UsersController.php (#7528)
Returned missed bracket after merge master to develop
2019-10-28 11:43:29 -07:00
snipe 0769f585ea Disallow locations from being their own parents 2019-10-21 15:45:05 -07:00
snipe 22d2ad9248
Fixes nested location selectlist (#7483)
* Rename child locations method

* Use Ajax dropdown for locations selectlist for edit/create

* Removed locations database call on edit/create blades for faster loading

* Updated locations controller to use the new iterator

* Increase pagination on locations controller to 500

We’re already loading all of that data up beforehand anyway, so no point in keeping the query smaller.

* Fixed the else to make codacy happy

* Improve the design and performance of the nested location selectlist (#7484)

* Improve the design and performance of the nested location selectlist

* Fixed parse errors

* Removed debugging code/comments
2019-10-02 03:56:56 -07:00
snipe 6deb26fafe Remove unused variable 2019-09-30 19:37:52 -07:00
snipe c68c0e1208 Account for limit if none is passed in the request 2019-09-03 20:28:49 -07:00
snipe c256536d21 Math is hard 2019-09-03 14:29:58 -07:00
snipe b8f7cd81eb
Limit API request results per page (#7405) 2019-09-03 14:02:08 -07:00
Martin Berg 3dcef9aac9 Add support for custom remote user header (#7370) 2019-09-03 11:07:26 -07:00
Logan Swartzendruber 4c8b26f732 Implement #3088: Add "Generate Label" option to "Actions" dropdown menu in individual Asset Details view. (#7388)
* Implement #3088: Add "Generate Label" option to "Actions" dropdown menu in individual Asset Details view.

* Add conditional for including the asset number in the URL of the barcode image.

* Change case of variables to pass Codacy PR review standards.
2019-09-03 11:02:55 -07:00
Rick Heil 7b0b28aed0 Add #7393 - next_audit_date set on asset creation if an audit interval is configured in settings (#7394) 2019-09-03 10:58:51 -07:00
snipe 6d66d7e215 Removed withErrors on JSON response 2019-08-22 21:36:47 -07:00
snipe b5bf8e9a37 Smaller chunking for custom report, add max_execution_time 2019-08-15 06:14:25 -07:00
snipe da52511bf9 Use asset tags 2019-08-14 23:13:23 -07:00
snipe c5e6f06e9b Revert import history to master version to fix errors 2019-08-14 22:27:17 -07:00
snipe 6db915b7f0 Removed serialize duplicate 2019-08-14 22:22:50 -07:00
snipe 441ae69f5c
Integrations/develop into master (#7352)
* Fixes #6204 - added email alerts and web/API access to assets due for audits (#6992)

* Added upcoming audit report

TODO: Fid diff/threshold math

* Added route to list overdue / upcoming assets via API

* Controller/API methods for due/overdue audits

We could probably skip this and just handle it via view in the routes…

* Added query scopes for due and overdue audits

* Added audit due console command to kernel

* Added ability to pass audit specs to main API asset search method

* Added audit presenter

* Added bootstrap-tables presenter formatter to display an audit button

* Added gated sidenav items to left nav

* Added audit due/overdue blades

* Cleanup on audit due/overdue console command

* Added language strings for audit views

* Fixed :threshold placeholder

* Removed unused setting variable

* Fixed next audit date math

* Added scope for both overdue and upcoming

* Derp. Wrong version

* Bumped version

(I will release this version officially tomorrow)

* Leave the activated state for users alone in normal LDAP synchronisation. (#6988)

* Fixed #7003 - crash when warranty months or purchase date is null

* Fixed #6956 - viewKeys policy inconsistent  (#7009)

* Fixed #6956 - Added additional gates show showing/hiding license keys

* Modified gate to allow user to see licenses if they can create or edit the license as well

* Added API middleware to API routes to enable throttling

TODO: Figure out how to make this costumizable without touching the code

* Import locations from CSV via command line (#7021)

* Added import locations command

* Small fixes to location importer

* Added country, LDAP OU

* Cleaned up comments, added more clarification to what the script does

* Added ability to update groups via API

Fixes [ch9139]

* Bumped version

* Fixed #6883 - remove escaping of fields on LDAP import

* Fixed #6880 - correctly encrypt encrypted fields via the API

* Fixes #5054: LDAP users deactivated for none-ad (#7032)

When using none-AD ldap, users are automatically deactivated every LDAP
sync.  This commit changes the behaviour so that if the active flag isn't set,
the users are enabled.

Fixed #5054, at least for 4.X

* Updated packages

  - Updating erusev/parsedown (v1.7.2 => 1.7.3): Downloading (100%)
  - Updating squizlabs/php_codesniffer (3.4.1 => 3.4.2): Downloading (100%)
  - Updating symfony/polyfill-mbstring (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/var-dumper (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating league/flysystem (1.0.50 => 1.0.51): Downloading (100%)
  - Updating symfony/translation (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating nesbot/carbon (1.36.2 => 1.37.1): Downloading (100%)
  - Updating symfony/debug (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/console (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/finder (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/polyfill-ctype (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/polyfill-php70 (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/http-foundation (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/event-dispatcher (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/http-kernel (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/process (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/routing (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/polyfill-util (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/polyfill-php56 (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/psr-http-message-bridge (v1.1.1 => v1.1.2): Downloading (failed)
Downloading (100%)
  - Updating rollbar/rollbar (v1.7.5 => v1.8.1): Downloading (100%)
  - Updating symfony/yaml (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/browser-kit (v3.4.23 => v3.4.27): Downloading (100%)

* Fixed #7044 - API update deleted custom fields if they are not re-presented

* Fixed XSS vulnerability when creating a new categories, etc via modal on create

Same fix as before, because of the weird select2 post-parsing ajax behavior

* Updated email strings

* Fixed #7046 - added user website url back into UI

* Updated language strings

* Bumped version

* Updated packages

* New backups config for spatie

* Removed debugbar service provider (autodiscovery)

* Use laravel v5.5 withCount manual aliases

* Added spatie language files

* Removed old laravel backups config

This config file was renamed in a newer version of spatie laravel-backup

* Set the serialization

* Added the command loader to console kernel

* Renamed fire() to handle()

* Updated withCount to use manual naming

* Updated backup path in backup admin

* Updated travis with new php versions

* Bumped laravel version in readme

* Fixed custom field edit screen

* Fixed baseUrl is undefined error

I literally cannot figure out how this ever worked before.

* Fix for included files in backup

* Bumped version

* Switch has() to filled()

* Change ->has() to ->filled()

* Removed cosole log

* Bumped packages

* Use getReader instead of fetchAssoc for CSV parser

https://csv.thephpleague.com/9.0/upgrading/

* Handle JSON validation errors like 5.4

* Handle JSON validation errors like 5.4

* Handle JSON validation errors like 5.4

* Trying to fix ajax asset validation

This I think gets us closer, but still not handling the validation on the asset properly.

When I do a print_r of the validation in the other items, its looking for an error bag that looks something like this:

```
Illuminate\Support\MessageBag Object
(
    [messages:protected] => Array
        (
            [name] => Array
                (
                    [0] => The name field is required.
                )

            [seats] => Array
                (
                    [0] => The seats field is required.
                )

            [category_id] => Array
                (
                    [0] => The category id field is required.
                )

        )

    [format:protected] => :message
)
```

Currently the Assets ajax returns:

```
[2019-05-24 06:52:06] develop.ERROR: array (
  'messages' =>
  array (
    'model_id' =>
    array (
      0 => 'The model id field is required.',
    ),
    'status_id' =>
    array (
      0 => 'The status id field is required.',
    ),
    'asset_tag' =>
    array (
      0 => 'The asset tag field is required.',
    ),
  ),
)
```

So not sure why it’s not working.

* Fixed missing asset validation

* Check that a model exists before trying to fiddle with fieldsets

* Tidied up license check

* Removed extra escaping on checkin

* Updated importer to work with newer CSV Reader::getRecords() method

* Fixed field mapping

* Small fix for reordering fields

Fixes Illuminate\Database\QueryException: SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'order' cannot be null (SQL: insert into `custom_field_custom_fieldset` (`custom_field_id`, `custom_fieldset_id`, `order`, `required`) values (12, 7, , 0)) [ch1151]

This needs revisiting for a more solid fix, especially for data that was already entered bad.

* Fixed bug where sorting by company name in Users API did not work

Fixes [ch9200]

* Removed custom fields from AssignedSearch to prevent confusing data in selectlist

Fixes [ch9193]

* Removed alert-danger from tests

* Fixed missed consumables_count withCount() statement

* Fixed Undefined variable user in $backto if checked out to a non-user

Fixes [ch9194]

* Check for valid model before attempting to access fieldsets

Fixes [ch1249]

* Only build the log upload destination path if there is a matching record

Fixes [ch1232]

* Fixed free_seats_count variable name

(I forgot that Laravel switched camel case to snake case for their old 5.4 withCount variables)

* Only gtry to delete the file if a record is found in the log

* Only try to get fieldset if model is valid

* Fixed more camel-casing -> snake-casing

* Only display the file if the log record can be found

* Fixed casing in sync command

* Updated README

* Derp - typo

* Added link to Atlassian plugin

* More Atlassian clarifications

* Show accessory image on view page

* Increased image size to 800px, added lightboxes

* Fixed #7083 - Removed user_exists constraint on department save

If the user has been deleted, this prevented the department from being successfully saved on edit

* Updated branch in version file

* Dockerfile update to bring us up to php v7.1 for Laravel 5.5 (#7084)

* bump up to php7.1

& change deprecated MAINTAINER to a LABEL so it is visible with `docker inspect`

* AND modapache ><

* 2 updates required to get software-properties+ppa

* Bumped version

* Bumped release again :(

* Missed one

* Fixed #7098 - updated backup config for deleteFile() method

* Fixed #7092 -  handle weird port forwarding/port numbers for baseUrl

* Bumped version

* Fixed #7099 - set email to null by default for backup notifications

* Removed old comments

* Fixed #7100 - Check if $user isset on checkin

* Increased throttle to 120 requests per minute

* Added Filipino, corrected order for Spanish variations

* Update language strings

* Bumped hash

* Changed has to filled to fix bulk asset editing

* Bumped point version

* Small fixes for phpleague CSB reader v9

* Improved error checking in locations importer

* Fixed #7145 - rename groups table to permissions_group for mysql 8 reserved word compatibility

* Reduce minimum group name length to 2 (from 3)

eg: IT

* Back in time fix FOR #7145 for new installs on MySQL 8+

* Fixed permission insert

//TODO

Handle this via model

* Possible fix for reporting/admin migration back in time

* Fixed #7164 - change table name to permission_groups

* Fixed LDAP password blanking on save

* fixing previous commit's actual wiping of password (#7183)

replaced Input::fille('ldap_pword') with _filled_.   Should be good to go.  

https://github.com/snipe/snipe-it/issues/7179

https://github.com/snipe/snipe-it/issues/7169

* Bumped version

* Downgrading rollbar for Laravel 5.5

* Spelling Correction (#7206)

Fixed Spelling for the word reqrite, to be rewrite.

* Fix #6910: Add logic to manipulate the eloquent query. (#7006)

* Added company_id to consumables_users table

* Added logic to manage when a pivot table doesn't have the column company_id trough a join with users

* Remove a migration that tries to fix this problem, but is not longer necessary

* Addresses #7238 - add PWA code to layout

Needs additional UX testing

* Better log message for bad LDAP connection

* Fixed #7186 - has vs filled in User’s API blanking out groups if no group_ids are passed

* Comment clarification on #7186

* Check for valid seat on hardware view

* Added space between footer and custom message

* Cap warranty months to three characters

Filles rollbar 209

* Cap warranty months to 3 on the frontend blade

* Fixed countable() strings on user destroy

* Check that the user has assets and that the aset model is valid

* Bumped hash

* Caps asset warranty to 20 years

* Command to fix custom field unicode conversion differences between PHP versions (#7263)

* Fixes #7252 form request changes (#7272)

* Fixes for #7252 - custom fields not validating / no validaton messages in API w/form requests

* Removed debug info

* More fixes for #7252

This is mostly working as intended, if not yet the way Laravel wants us to do it.

Right now, the API returns correctly, and the form UI will return highlighted errors, with the input filled in ~sometimes~. I’m not sure why it’s only sometimes yet, but this is potentially progress.

* Removed experimental method

* Check for digits_between:0,240 for warranty

* Removed debug code

* Apply fix from PR #7273 to master

* Bumped hash

* Fixed #7250 - permission issue for API fieldsets and fields endpoints

This applies the change from #7294 to master

* Add @mskrip as a contributor

* Fixed #7270 - Checking-in Assets via API Removes the Item's Asset Name

* CORS for api (#7292)

* Added CORS support to API

* Changed order so CORS will still work if throttle hit

* Added APP_CORS_ALLOWED_ORIGINS env option

* Fixed typo

* Clarified header comments

* More clarification

* DIsable CORS allowed origins by default to replicate existing behavior

* Change variable name to be clearer

* Bumped version

* Added condition to deal with fieldname 'rtd_location' which can be tried to be queried in some places and doesn't exist in database (#7317)

* Added comments to the ByFilter query scope for clarity

* Added accessories checkout/checkin API endpoint

* Fixed CVE-2019-10742

https://nvd.nist.gov/vuln/detail/CVE-2019-10742

* Update README.md (#7334)

Add reference to CSV importer.

* Group related variables in .env

* History importer fixes

* Fixes to history importer
2019-08-14 21:48:14 -07:00
snipe 8b4a9aa382 Fixes to history importer 2019-08-13 18:15:42 -07:00
snipe 99cd552d5c History importer fixes 2019-08-13 18:00:21 -07:00
snipe e7b0ee2539 Added accessories checkout/checkin API endpoint 2019-08-02 15:08:26 -07:00
snipe 3dc2cc9f22
CORS for api (#7292)
* Added CORS support to API

* Changed order so CORS will still work if throttle hit

* Added APP_CORS_ALLOWED_ORIGINS env option

* Fixed typo

* Clarified header comments

* More clarification

* DIsable CORS allowed origins by default to replicate existing behavior

* Change variable name to be clearer
2019-07-26 12:38:31 -07:00
snipe ab86e42b2e Fixed #7270 - Checking-in Assets via API Removes the Item's Asset Name 2019-07-26 12:37:38 -07:00
snipe 250a797339 Fixed #7250 - permission issue for API fieldsets and fields endpoints
This applies the change from #7294 to master
2019-07-24 11:00:42 -07:00
Marián Skrip 8a1f6b74e8 Fix permission issue for API fieldsets and fields endpoints (#7294)
Close snipe/snipe-it#7250
2019-07-24 10:57:09 -07:00
snipe 55ee90b25d
Fixes #7252 form request changes (#7272)
* Fixes for #7252 - custom fields not validating / no validaton messages in API w/form requests

* Removed debug info

* More fixes for #7252

This is mostly working as intended, if not yet the way Laravel wants us to do it.

Right now, the API returns correctly, and the form UI will return highlighted errors, with the input filled in ~sometimes~. I’m not sure why it’s only sometimes yet, but this is potentially progress.

* Removed experimental method

* Check for digits_between:0,240 for warranty

* Removed debug code
2019-07-18 14:32:23 -07:00
snipe 444e250609 Fixed countable() strings on user destroy 2019-07-17 17:51:13 -07:00
snipe b4b6d6b571 Comment clarification on #7186 2019-07-15 15:31:09 -07:00
snipe 8c73a47afb Fixed #7186 - has vs filled in User’s API blanking out groups if no group_ids are passed 2019-07-15 15:27:02 -07:00
snipe f82ffe378c Merge branch 'master' of https://github.com/snipe/snipe-it 2019-07-15 14:11:18 -07:00
snipe 984c2a8fd4 Better log message for bad LDAP connection 2019-07-15 14:10:57 -07:00
Ivan Nieto d409be6d43 Fix #6910: Add logic to manipulate the eloquent query. (#7006)
* Added company_id to consumables_users table

* Added logic to manage when a pivot table doesn't have the column company_id trough a join with users

* Remove a migration that tries to fix this problem, but is not longer necessary
2019-07-15 13:02:44 -07:00
Kasey 03a4512406 fixing previous commit's actual wiping of password (#7183)
replaced Input::fille('ldap_pword') with _filled_.   Should be good to go.  

https://github.com/snipe/snipe-it/issues/7179

https://github.com/snipe/snipe-it/issues/7169
2019-06-19 14:21:53 -07:00
snipe de992e4df3 Fixed LDAP password blanking on save 2019-06-14 17:20:37 -07:00
snipe 49a255c8fb Changed has to filled to fix bulk asset editing 2019-05-31 14:11:43 -07:00
snipe d2bbc09892 Increased throttle to 120 requests per minute 2019-05-31 11:57:57 -07:00
vicleos c6039cbc1d Vicleos fix storage namespace (#6901)
* Update CompaniesController.php

fixed companies destroy error

* fix Storage namespace loss
2019-05-30 19:10:04 -07:00
snipe 74a2c29bc2 Fixed #7100 - Check if $user isset on checkin 2019-05-30 19:06:30 -07:00
snipe 2c64739e8f Removed old comments 2019-05-30 19:02:20 -07:00
snipe 829d44bd27 Fixed #7098 - updated backup config for deleteFile() method 2019-05-29 14:47:55 -07:00
snipe 2dd31544fe Increased image size to 800px, added lightboxes 2019-05-24 19:11:08 -07:00
snipe 6dcdb5abae Only display the file if the log record can be found 2019-05-24 16:06:52 -07:00
snipe 56576d9e45 Fixed more camel-casing -> snake-casing 2019-05-24 16:01:12 -07:00
snipe d5c3ee5ed0 Only try to get fieldset if model is valid 2019-05-24 15:44:54 -07:00
snipe 18db0a50f1 Only gtry to delete the file if a record is found in the log 2019-05-24 15:44:40 -07:00
snipe d596ced0a0 Fixed free_seats_count variable name
(I forgot that Laravel switched camel case to snake case for their old 5.4 withCount variables)
2019-05-24 15:44:18 -07:00
snipe 78fb2b2239 Only build the log upload destination path if there is a matching record
Fixes [ch1232]
2019-05-24 15:28:53 -07:00
snipe 1472e9d5b5 Check for valid model before attempting to access fieldsets
Fixes [ch1249]
2019-05-24 15:03:15 -07:00
snipe fcbc7e4540 Fixed Undefined variable user in $backto if checked out to a non-user
Fixes [ch9194]
2019-05-24 14:51:27 -07:00
snipe 93bf541ce7 Fixed missed consumables_count withCount() statement 2019-05-24 14:21:53 -07:00
snipe c5a23e8f5e Fixed bug where sorting by company name in Users API did not work
Fixes [ch9200]
2019-05-24 13:37:20 -07:00
snipe b6d2392303 Small fix for reordering fields
Fixes Illuminate\Database\QueryException: SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'order' cannot be null (SQL: insert into `custom_field_custom_fieldset` (`custom_field_id`, `custom_fieldset_id`, `order`, `required`) values (12, 7, , 0)) [ch1151]

This needs revisiting for a more solid fix, especially for data that was already entered bad.
2019-05-24 12:05:52 -07:00
snipe 4be95eac4b Removed extra escaping on checkin 2019-05-24 11:44:39 -07:00
snipe 8914d14681 Tidied up license check 2019-05-24 05:26:52 -07:00
snipe d4725b61be Check that a model exists before trying to fiddle with fieldsets 2019-05-24 04:48:04 -07:00
snipe aa0b627fe7 Fixed missing asset validation 2019-05-24 04:47:35 -07:00
snipe 5be5e3271d Trying to fix ajax asset validation
This I think gets us closer, but still not handling the validation on the asset properly.

When I do a print_r of the validation in the other items, its looking for an error bag that looks something like this:

```
Illuminate\Support\MessageBag Object
(
    [messages:protected] => Array
        (
            [name] => Array
                (
                    [0] => The name field is required.
                )

            [seats] => Array
                (
                    [0] => The seats field is required.
                )

            [category_id] => Array
                (
                    [0] => The category id field is required.
                )

        )

    [format:protected] => :message
)
```

Currently the Assets ajax returns:

```
[2019-05-24 06:52:06] develop.ERROR: array (
  'messages' =>
  array (
    'model_id' =>
    array (
      0 => 'The model id field is required.',
    ),
    'status_id' =>
    array (
      0 => 'The status id field is required.',
    ),
    'asset_tag' =>
    array (
      0 => 'The asset tag field is required.',
    ),
  ),
)
```

So not sure why it’s not working.
2019-05-24 03:55:31 -07:00
snipe dd5d5cc07c Handle JSON validation errors like 5.4 2019-05-24 01:12:38 -07:00
snipe 84c3709161 Handle JSON validation errors like 5.4 2019-05-24 01:12:21 -07:00
sreyemnayr f85ac97d8c Feedback for Kits; Fix checkins for accessories (#7060)
* Kits feedback

* Fix accessory checkin
2019-05-23 19:39:30 -07:00
snipe bf93e8cc32 Use getReader instead of fetchAssoc for CSV parser
https://csv.thephpleague.com/9.0/upgrading/
2019-05-23 19:09:58 -07:00
snipe 2d036c64e9 Change ->has() to ->filled() 2019-05-23 17:39:50 -07:00
snipe 8db2470ac4 Switch has() to filled() 2019-05-23 17:17:46 -07:00
snipe 12ec2d1f7a Fixed custom field edit screen 2019-05-22 01:07:14 -07:00
snipe 6cd25fbdeb Updated backup path in backup admin 2019-05-22 00:56:14 -07:00
snipe 4be8ba9f17 Updated withCount to use manual naming 2019-05-22 00:52:51 -07:00
snipe bfb910f375 Set the serialization 2019-05-22 00:51:43 -07:00
snipe b2eacb147b Fixed #7046 - added user website url back into UI 2019-05-21 18:55:12 -07:00
snipe 0358d13ddb Fixed #7044 - API update deleted custom fields if they are not re-presented 2019-05-20 11:49:18 -07:00
snipe 9eb7b668d1 Fixed #6880 - correctly encrypt encrypted fields via the API 2019-05-15 19:33:30 -07:00
snipe 888bdbdb68 Added ability to update groups via API
Fixes [ch9139]
2019-05-15 16:39:34 -07:00
Ivan Nieto e40a5a70a5 RTF support added (#7024)
* Added the Gatte Facade to AssetsController

* Added the filetype RTF in the modal to upload files

* Added validation of RTF files
2019-05-15 15:47:40 -07:00
snipe d016076806
Fixed #6956 - viewKeys policy inconsistent (#7009)
* Fixed #6956 - Added additional gates show showing/hiding license keys

* Modified gate to allow user to see licenses if they can create or edit the license as well
2019-05-08 08:14:49 -04:00
snipe 407445456a Merge branch 'features/6204_email_audit-alerts' into develop
# Conflicts:
#	app/Console/Commands/LdapSync.php
#	app/Console/Kernel.php
#	app/Http/Controllers/Auth/LoginController.php
#	app/Http/Controllers/LicensesController.php
#	composer.json
#	composer.lock
#	config/version.php
#	resources/views/auth/two_factor_enroll.blade.php
2019-05-06 08:45:13 -04:00
snipe e5c2d77c7d
Fixes #6204 - added email alerts and web/API access to assets due for audits (#6992)
* Added upcoming audit report

TODO: Fid diff/threshold math

* Added route to list overdue / upcoming assets via API

* Controller/API methods for due/overdue audits

We could probably skip this and just handle it via view in the routes…

* Added query scopes for due and overdue audits

* Added audit due console command to kernel

* Added ability to pass audit specs to main API asset search method

* Added audit presenter

* Added bootstrap-tables presenter formatter to display an audit button

* Added gated sidenav items to left nav

* Added audit due/overdue blades

* Cleanup on audit due/overdue console command

* Added language strings for audit views

* Fixed :threshold placeholder

* Removed unused setting variable

* Fixed next audit date math

* Added scope for both overdue and upcoming

* Derp. Wrong version

* Bumped version

(I will release this version officially tomorrow)
2019-05-05 22:32:52 -04:00
snipe e4a298ca2a Added scope for both overdue and upcoming 2019-05-05 22:13:30 -04:00
vicleos ab8792a13d Update CompaniesController.php (#6900)
fixed companies destroy error
2019-05-05 20:57:28 -04:00
snipe 0f0ffd39a8 Added ability to pass audit specs to main API asset search method 2019-05-05 19:19:56 -04:00
snipe ab060288fa Controller/API methods for due/overdue audits
We could probably skip this and just handle it via view in the routes…
2019-05-05 19:13:37 -04:00
ajsy 9b3a8c046c Update LocationsController.php 2019-05-03 15:21:57 +03:00
snipe ce16eae508 Merge branch 'master' of https://github.com/snipe/snipe-it 2019-05-02 15:20:52 -07:00
snipe dc73dbfbfd Fixed #6911 - note must be a string on license checkin 2019-05-02 15:20:47 -07:00
ajsy 38e8028300 Update LocationsController.php 2019-04-19 13:20:37 +03:00
snipe 420e8bc85a Allow phone number to be changed in Profile 2019-04-18 14:13:50 -04:00
Ivan Nieto b1f96448af Remove old redundant code in LicensesController, added an offset to AccessoriesController for pagination to work correctly (#6847) 2019-04-02 10:13:58 -07:00
Martin Meredith b779e274cc Fix usage of Google2FA Facade (#6864) 2019-03-27 22:01:38 -07:00
Martin Meredith 83257af267 Fix imports for 2FA Login (#6855) 2019-03-26 14:10:56 -07:00
snipe 109a29b5fc Fix error in tests 2019-03-20 04:39:50 -07:00
snipe acb90c7aee Horrible master -> dev merge that makes baby jesus cry :(
# Conflicts:
#	app/Http/Controllers/Auth/LoginController.php
#	composer.json
#	composer.lock
#	resources/views/auth/two_factor_enroll.blade.php
2019-03-20 02:24:23 -07:00
snipe bca82684a1 Merge branch 'hotfixes/2fa_qr' into develop
# Conflicts:
#	.all-contributorsrc
#	Dockerfile
#	README.md
#	app/Console/Commands/LdapSync.php
#	app/Http/Controllers/Api/ImportController.php
#	app/Http/Controllers/AssetModelsController.php
#	app/Http/Controllers/Assets/AssetsController.php
#	app/Http/Controllers/Auth/LoginController.php
#	app/Http/Controllers/CategoriesController.php
#	app/Http/Controllers/CompaniesController.php
#	app/Http/Controllers/DepartmentsController.php
#	app/Http/Controllers/ImportsController.php
#	app/Http/Controllers/LocationsController.php
#	app/Http/Controllers/ManufacturersController.php
#	app/Http/Controllers/SuppliersController.php
#	app/Http/Requests/ItemImportRequest.php
#	app/Http/Transformers/ActionlogsTransformer.php
#	composer.json
#	composer.lock
#	config/app.php
#	config/version.php
#	docker/startup.sh
#	public/css/build/all.css
#	public/css/dist/all.css
#	public/js/build/all.js
#	public/js/build/vue.js
#	public/js/build/vue.js.map
#	public/js/dist/all.js
#	public/mix-manifest.json
2019-03-20 02:17:02 -07:00
snipe da015ec4a8
Fixed #6834 and #6402 - use inline QR code generation for 2FA (#6840)
* Fixed  #6834 and #6402 - use inline QR code generation for

* Update auth controllers to use translations

* Updated composer lock

* Added comments

* Moar comments

* Typo
2019-03-20 01:24:31 -07:00
snipe 335e8ffaaa Typo 2019-03-20 01:22:20 -07:00
snipe 8d0ee9e531 Moar comments 2019-03-20 01:21:34 -07:00
snipe cc5c7d33e7 Added comments 2019-03-20 01:14:58 -07:00
snipe 5699e021de Update auth controllers to use translations 2019-03-20 00:50:09 -07:00
snipe cf92618c70 Fixed #6834 and #6402 - use inline QR code generation for 2019-03-20 00:49:44 -07:00
snipe a874dbb0d0 Working attempt, but will try with old library for mininal footprint 2019-03-19 23:18:16 -07:00
snipe 8ed268819e Fixed XSS 2019-03-18 21:09:57 -07:00
snipe dee92cfc6c
Fixes XSS vulnerabilities (#6831)
* Properly escape log_meta values

* Vue syntax fix to allow npm run dev to work again

* Janky fix for Select2 bug

* Compiled production assets

* Escape user’s last name in API

* Removed duplicate alertClass

* Compiled production assets
2019-03-18 20:49:32 -07:00
snipe 0e1289f12f
Fixes #6821 - fixed 2 fa active for users list (#6822)
* Fixed #6821 - confusing UI for 2FA when 2FA is universally enforced

I also updated the language in the user’s listing table to clarify what “activated” means

* Added login enabled info to user view

* Clarified comments

* Added info about 2FA on user profile

Because why not

* Added nowrap to table, and added 2FA reset for superadmins
2019-03-18 11:59:02 -07:00
snipe 7b33f95e83
Fixes/import permissions mask (#6826)
* Check for empty headers in import

* Added import permission

* Fixed model path in docblock

* Added import gate to default blade

* Check if the user is an admin OR idf they have import permissions

* Walked back that admin permission

Since admins are bound by full company support, it makes less sense to let admins have this permission by default, versus having them specifically designated to the import permission
2019-03-18 11:58:08 -07:00
Ivan Nieto bebdbdfb87 Fix #6763. Import Stuck Processing - Error - Can only flip STRING and INTEGER values! (#6804)
* Added validation for errors when the Import Field to map isn't setted

* A slightly correction to the error message

* Added the translation strings for the Error Message
2019-03-14 12:32:40 -07:00
snipe 96f069c417 Change action_datwe to datetime in transformer 2019-03-13 21:57:06 -07:00
Ivan Nieto c7f48951a9 Valo/checkin date in history of asset (#6733)
* To see checkin/checkout Date in History of Asset

* Added some logic to get today's date if the checkin_at input is blank

* Updating the action_date taking the value from the action_log table

* Hide created_at field and rename 'Action Date' as only 'Date'
2019-03-13 21:36:32 -07:00
Marián Skrip 8d63533205 Add write-only image_source field for asset create/edit API endpoint (#6146)
`image_source` should contain base64 encoded image data with mime-type.
2019-03-13 21:00:40 -07:00
Ivan Nieto 8c65214b1f Ignore the soft deleted assets in the eloquent query (#6824) 2019-03-13 20:14:30 -07:00
Martin Meredith e3e0d57f56 Minor code cleanup bits and bobs (#6805)
* Add IDE Helper files

* Cleanup imports

- Alphabetises imports
- Removes unused imports

* Add Platform requirements

* Move filling asset into block where asset exists

* Remove duplicate array keys
2019-03-13 20:12:03 -07:00
snipe 858d382e26 Changed logging to info level for LDAP 2019-03-13 15:14:03 -07:00
snipe de16fee00a Change image unlink error log to info from error 2019-03-13 12:22:12 -07:00
snipe 1b0d855c00 Added translation, removed commented out code 2019-03-13 12:15:48 -07:00
ajsy 57c0f69286
Update LocationsController.php 2019-03-09 13:45:19 +03:00
ajsy 311dd18443 Update LocationsController.php 2019-03-09 11:34:47 +03:00
snipe 61afdeac2e Merge branch 'develop' of https://github.com/VELIKII-DIVAN/snipe-it into VELIKII-DIVAN-develop 2019-03-08 16:18:48 -08:00
Martin Meredith 0840ab41d5 Hotfix: Fix ability to create assets (#6790) 2019-03-06 16:37:58 -08:00
snipe 5293cb30bd Merge branch 'fixes/only_present_image_url_if_image_present_in_profile_api' into develop 2019-03-05 23:54:08 -08:00
snipe 6d98bd6846
Fixed error if item requested or request was deleted (#6786)
ch628
2019-03-05 23:47:36 -08:00
snipe 0b0813b260 Fixed error if item requested or request was deleted
ch628
2019-03-05 23:46:40 -08:00
snipe 28a450ea25
Added ability to do full name search in user dropdown selectlist (#6784) 2019-03-05 21:13:39 -08:00
snipe 6696685d0b Merge branch 'fixes/full_name_search_user_selectlist' into develop
# Conflicts:
#	app/Http/Controllers/Api/UsersController.php
#	routes/api.php
2019-03-05 20:57:10 -08:00
snipe f065bd7784 Added ability to do full name search in user dropdown selectlist 2019-03-05 20:40:05 -08:00
Steffen de39906cae Put file contents instead of file object (creates subdirectory with a single file) (#6760) 2019-03-05 12:08:18 -08:00
snipe 288cc01c41 Merge branch 'features/accessories_users' into develop
# Conflicts:
#	app/Http/Controllers/Api/UsersController.php
#	config/version.php
#	routes/api.php
2019-03-01 17:30:03 -08:00
snipe 9575cd2651
Add accessories endpoint to user API (#6775) 2019-03-01 17:21:03 -08:00
snipe 348c13f318 Add accessories endpoint to user API 2019-03-01 16:31:22 -08:00
Steffen e1907e30b1 Allow multiple upload fields and add logo option to labels (#6736)
* Change upload js to work with multiple upload elements on a single page

* Change uploadFile in upload modal and form partial

* Change uploadFile to js-uploadFile to avoid potential issues in the future

* Remove duplicate style attribute causing webpack to fail

* Missed a css class in rename to js- prefix

* - Move logo uploads to partial for eaiser usage
- Add label logo
- Add css classes to label elements
- Change label prefix text (M: S: ...) to css::before content for easy removal in config

* Add more css classes to labels

* Allow unescaped " (quot) in css ouput

* Add max size param to partial, set defaults for allowedType and size
2019-03-01 15:25:42 -08:00
Dmitrii Minaev 16bb784e78 Codestyle & bug fixes 2019-02-28 01:37:58 +03:00
Dmitrii Minaev d3c320e56f Code comments and format 2019-02-23 22:44:03 +03:00
Dmitrii Minaev 5f3a0bdea5 app\Services\PredefinedKitService.php rename to app\Services\PredefinedKitCheckoutService.php
add accessories and consumables tables
add selectlist api to:
 app\Http\Controllers\Api\AccessoriesController.php
 app\Http\Controllers\Api\ConsumablesController.php
 app\Http\Controllers\Api\LicensesController.php
templates for selectlist
apply kit to user works
2019-02-19 22:19:00 +03:00
snipe 0242b3ec74 Handled JS cookie offset issue on the server side
We may want to handle this via the blades instead, as I’m not sure if API users will run into weirdness here.
2019-02-14 15:01:34 -08:00
snipe b26fbf986f Fixed issue where offset could be greater than total items, resulting in “No results” confusion 2019-02-14 14:49:08 -08:00
snipe 5c9b1ed43a Fixed #6676 - consumables API not respecting category id 2019-02-14 14:48:43 -08:00
snipe 0000f487ac Merge remote-tracking branch 'origin/fixes/password_confirmation_6703' into develop
# Conflicts:
#	config/version.php
2019-02-13 23:02:21 -08:00
snipe 35ebe33e4e
Fixed #6703 - fixes password confirmation (#6711)
* Fixed #6703 - fixes password confirmation

* Removed debugging

* Fixed tests

* I guess we use 10 as the settings for password min in tests

* One more try to fix tests - confirmation won’t validate until password validates
2019-02-13 23:01:19 -08:00
snipe d893837c86 Removed debugging 2019-02-13 21:32:26 -08:00
snipe 230c9da1df Fixed #6703 - fixes password confirmation 2019-02-13 21:30:15 -08:00
snipe cd333fa93b Fixed wonky merge :( 2019-02-13 06:52:36 -08:00
snipe 533649f24e Merge branch 'develop' into dev-master-integration
# Conflicts:
#	.gitignore
#	.travis.yml
#	app/Console/Commands/LdapSync.php
#	app/Console/Commands/SendExpectedCheckinAlerts.php
#	app/Console/Commands/SendExpirationAlerts.php
#	app/Console/Commands/SendInventoryAlerts.php
#	app/Console/Kernel.php
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/Api/ManufacturersController.php
#	app/Http/Controllers/Api/StatuslabelsController.php
#	app/Http/Controllers/Api/UsersController.php
#	app/Http/Controllers/AssetMaintenancesController.php
#	app/Http/Controllers/Assets/AssetsController.php
#	app/Http/Controllers/Auth/ForgotPasswordController.php
#	app/Http/Controllers/Auth/LoginController.php
#	app/Http/Controllers/Auth/ResetPasswordController.php
#	app/Http/Controllers/ReportsController.php
#	app/Http/Controllers/SettingsController.php
#	app/Http/Controllers/UsersController.php
#	app/Http/Transformers/AssetMaintenancesTransformer.php
#	app/Importer/Importer.php
#	app/Importer/ItemImporter.php
#	app/Importer/UserImporter.php
#	app/Importer/import_mappings.md
#	app/Models/Ldap.php
#	app/Models/License.php
#	app/Models/Location.php
#	app/Models/Recipients/AlertRecipient.php
#	app/Models/User.php
#	app/Providers/AppServiceProvider.php
#	composer.json
#	composer.lock
#	config/trustedproxy.php
#	config/version.php
#	public/js/build/all.js
#	public/js/build/vue.js
#	public/js/build/vue.js.map
#	public/js/dist/all.js
#	public/mix-manifest.json
#	resources/assets/js/components/importer/importer-file.vue
#	resources/lang/ar/admin/settings/general.php
#	resources/lang/bg/admin/settings/general.php
#	resources/lang/en-ID/admin/settings/general.php
#	resources/lang/en-ID/passwords.php
#	resources/lang/en/passwords.php
#	resources/lang/es-CO/passwords.php
#	resources/lang/es-ES/passwords.php
#	resources/lang/es-MX/passwords.php
#	resources/lang/es-VE/passwords.php
#	resources/lang/fi/admin/settings/general.php
#	resources/lang/id/admin/settings/general.php
#	resources/lang/id/passwords.php
#	resources/lang/ja/passwords.php
#	resources/lang/nl/passwords.php
#	resources/lang/pl/admin/settings/general.php
#	resources/lang/pl/passwords.php
#	resources/lang/pt-BR/admin/settings/general.php
#	resources/lang/pt-BR/passwords.php
#	resources/lang/ru/admin/settings/general.php
#	resources/lang/ru/admin/statuslabels/table.php
#	resources/lang/ru/passwords.php
#	resources/lang/sr-CS/general.php
#	resources/lang/sr-CS/mail.php
#	resources/lang/sv-SE/admin/settings/general.php
#	resources/lang/tr/admin/settings/general.php
#	resources/lang/tr/passwords.php
#	resources/lang/vi/admin/models/message.php
#	resources/lang/vi/admin/users/general.php
#	resources/lang/zh-CN/admin/settings/general.php
#	resources/views/importer/import.blade.php
#	resources/views/partials/bootstrap-table.blade.php
#	resources/views/partials/forms/edit/image-upload.blade.php
#	resources/views/users/edit.blade.php
#	resources/views/users/view.blade.php
#	tests/unit/ImporterTest.php
2019-02-13 06:42:52 -08:00
snipe f1fa5bdaa9 Fixed (develop) #6704 - don’t apply gate to $arrays collection, just check that they can view assets 2019-02-13 04:56:13 -08:00
snipe aa1e06f021 One more time…. Fixed #6704 - don’t apply gate to $arrays collection, just check that they can view assets 2019-02-13 04:46:19 -08:00
snipe 30b1cfabf5 Fixed dumb formatting 2019-02-13 04:45:21 -08:00
snipe e75d22ab73 Revert "Fixed #6704 - don’t apply gate to $arrays collection, just check that they can view assets"
This reverts commit b1e17743b8.
2019-02-13 04:44:19 -08:00
snipe b1e17743b8 Fixed #6704 - don’t apply gate to $arrays collection, just check that they can view assets 2019-02-13 04:35:55 -08:00
snipe b317fb8d83 Fixed #6367 - pass table name and column_id to scopeCompanyables 2019-02-13 01:29:53 -08:00
snipe e2c0f01a10 Fixed #6367 - pass table name and column_id to scopeCompanyables
Solves error: Integrity constraint violation: 1052 Column 'company_id' in where clause is ambiguous
2019-02-13 01:26:11 -08:00
snipe 245b3ca09f Fixed #6061 - Assigned user group cannot be removed 2019-02-12 23:49:42 -08:00
snipe f3c12f38b6 Fixed #6061 - Assigned user group cannot be removed
This bug was a result of attempting to check if the groups field had a value, and only THEN trying to sync the groups. This meant that uf you were removing ALL groups, the  sync wouldn’t be triggered.

This still needs to be updated in the API.
2019-02-12 23:43:38 -08:00
snipe 8e358faebc Fixed #6113 - use $asset->fill vs filled() to allow blanking values via API 2019-02-12 22:15:32 -08:00
snipe 90cddb7aee
Fixed #6113 - use $asset->fill vs filled() to allow blanking values via API (#6693)
Need to confirm that re-enabling `\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,` won’t mangle anything. I know we ran into some issues when testing a long time ago, but not sure those issues apply anymore, and I can’t remember what they were.
2019-02-12 22:08:38 -08:00
herroworrd 3f7d2aebc7 Fixed #6634: Asset Import History fixes and optimizations (#6657)
* Starting work on asset history importer.

* Starting work on asset history importer.

* Added checkin target.

* Last change... importing history should also probably be an admin only task.

* Added caching for user and asset queries.

* Updated cache keepalive time to DateTimeInterface

* Updated cache keepalive time to DateTimeInterface
2019-02-08 16:05:56 -08:00
snipe 4fd469e07b Prevent editing special users demo mode 2019-02-04 19:13:55 -08:00
snipe 59cb1e561e Merge branch 'develop' of https://github.com/snipe/snipe-it into develop 2019-02-04 18:59:53 -08:00
snipe 4fe63d2966 Fixed #6633 - return 200 status code on asset API 2019-02-04 18:59:49 -08:00
snipe 971fcf5800 Fixed #6633 - return 200 status code 2019-02-04 18:58:28 -08:00
Colin Campbell ef8e20f66b Alpine linux docker image (#6645)
* docker-alpine: Alpine linux container + apache 2.4 support

* docker-alpine: Force passport migrations (production mode Exception)

* docker-alpine: Copy default env in Dockerfile
2019-01-30 14:45:36 -08:00
snipe c1a4fbee16 Merge branch 'develop' of https://github.com/snipe/snipe-it into develop 2019-01-25 13:34:57 -08:00
Colin Campbell 8c632f63b0 Misc ldap fixes (#6631)
* misc_ldap_fixes: Map location from OU, not group

* misc_ldap_fixes: Ensure ldap is initialised for import

* misc_ldap_fixes: Import Job Title

* misc_ldap_fixes: Import telephone, fix field select from schema

* misc_ldap_fixes: Cleanup login error-handling, fix boolean tests
2019-01-24 16:15:44 -08:00
snipe ec4161a959 Fixed typo 2019-01-24 15:21:38 -08:00
snipe 8f09cca043 Fixed incorrect group route 2019-01-24 15:17:11 -08:00
snipe b326d8593b Fixed bad groups route on error 2019-01-24 14:56:47 -08:00
snipe d1fe7abb18 Replaced custom deleted query scopes with onlyTrashed() 2019-01-24 14:47:44 -08:00
snipe 394e51029e Only try to upload the audit file if one is provided 2019-01-24 14:04:06 -08:00
snipe 4b8f9d810b Fixed #6625 - include fully depreciated date in custom asset report 2019-01-24 12:38:17 -08:00
bricelabelle 5281713fd9 Added #6617: View licenses checked out to an asset with the hardware API (#6621) 2019-01-22 14:47:40 -08:00
snipe 07eead2dbf Fixed bug where assets could be deleted without being checked back in [ch38] 2019-01-22 14:13:30 -08:00
NMathar 66f557d436 add user license api endpoint fix #6241 (#6616) 2019-01-22 13:48:15 -08:00
snipe fdd6ddf61b Fixed favicon upload
[ch309]
2019-01-18 14:05:52 -08:00
Ivan Nieto 310ed0f1d3 Fix an issue when trying to checkin a license seat. [ch46] (#6599)
* Fix an issue when trying to checkin a license seat.

* Minor changes in the checkin view, so it can returns to the expected place where the checkin is launched.
2019-01-17 20:36:40 -08:00
snipe b293d00699 Switch LDAP error to debug, to avoid crapping up the logs 2019-01-17 20:18:03 -08:00
snipe 1eace04ad9 Handle asset maintenances that do not have a valid asset associated 2019-01-16 02:26:42 -08:00
snipe 75a0cf97e2 Return an error if asset maintenance is associated with a non-existant asset 2019-01-16 02:19:57 -08:00
snipe a1f93e733c Fixed undefined error when maintenance is associated with a deleted asset 2019-01-16 01:45:51 -08:00
snipe 125938762b Patched #6565 to develop 2019-01-15 14:02:10 -08:00
Sxderp 187206cb88 Fix saving of REMOTE_USER setting broken by 1a64879b6 (#6565)
The previous commit made it such that remote user login could only
be enabled if two factor authentication was also enabled. Unnest
the configuration so that the setting can be applied without.
2019-01-15 13:59:36 -08:00
Steffen 61c619660d Initialize customFormat to prevent Blade error when creating new fields (#6596) 2019-01-15 13:56:56 -08:00
Steffen 1de9087427 LDAP fixes (#6533)
* Add iCheck png files to webpack config (inconsistency for css <> png) and blue.png to public folder

* php 7.3 collect() fix (undefined variable)

* Fix travis ci

* Add iCheck png files to webpack config (inconsistency for css <> png) and blue.png to public folder

* php 7.3 collect() fix (undefined variable)

* change LDAP implementation from model to (singleton) service

* Re-apply check for content in ldap_server variable before parsing

* Update LDAP implementation

* Switch iCheck to minimal as referenced in js

* Don't init on load but on first access via init (returns ldap enabled status)

* Re-Enable notifications

* Re-add missing test target php versions

* Only init() once (singleton class, so ldap variable is already set)
2019-01-10 13:20:43 -08:00
Ivan Nieto 876ff2ef72 Fixes #6341. Some style changes in this fix. (#6492) 2018-12-14 18:08:33 -08:00
snipe 67f6df2be3 Fixed (develop) #4568 - escaping values in custom report 2018-12-12 19:40:15 -08:00
snipe 8f6ea84fca Fixed #4568 - escaping values in custom report 2018-12-12 19:38:24 -08:00
snipe ea1b792a93 Fixed #6491 - cleaner return methods for PHP 7.3 compact() 2018-12-12 18:23:39 -08:00
snipe 426dae0310 Fixed methods for PHP 7.3 compact() 2018-12-12 18:16:39 -08:00
snipe 86cc1a228d Fixed typo 2018-12-12 16:45:49 -08:00
snipe 394d265b96 Added XML to uploadable file type - re: #6099 2018-12-12 16:45:09 -08:00
snipe 93947b09c5 Small fix for #6484 - corrected LDAP sync command name 2018-12-11 15:18:30 -08:00
Wes Hulette b38d07064b Fixed: #5896 Custom fields of type "CUSTOM REGEX" are always saved as "ANY" (#6381)
* Fixed missing oauth tables during setup.

* Custom fields of type "CUSTOM REGEX" are always saved as "ANY" 

Fixes #5896

* Updated per PR

Fixed spelling

* Fixed logic error

Moved conditional code from view to controller
Added getFromatType function for dropdown
2018-12-06 20:05:04 -08:00
Wes Hulette 34246ee4ef [WIP] v5 Develop: New LDAP implementation (#6352)
* Fixed missing oauth tables during setup.

* WIP New LDAP implementation

* WIP New LDAP implementation

* WIP New LDAP implementation


Merge remote-tracking branch 'origin/WIP_LDAP' into WIP_LDAP

* WIP New LDAP implementation

Added Adldap2 to handle ldap intergration.

* Updated per PR quality review

* Added specific LDAP settings method

* Corrected version number

* Added return documentation

* Added imports

* Changed class to be injected into controller

* Updated with PR suggestions
2018-12-06 14:05:43 -08:00
snipe 3ed2f55696 Merge branch 'develop' of https://github.com/snipe/snipe-it into develop 2018-12-05 19:56:18 -08:00
snipe 09c4dd4891 Added ability to upload favicon and email logo
todo: refactor the image upload/resize for less copypasta
2018-12-05 19:56:12 -08:00
Ivan Nieto f91e340178 Fixes #6341. Adding condition that checks offset of licenses seats when the user looks other page than the first. (#6392) 2018-12-05 18:09:54 -08:00
Minaev Dmitriy 0bbe499414 Kits checkout. But only with models. 2018-11-13 20:33:32 +03:00
Minaev Dmitriy 79d979f47f Full kits manipulation without users intagration 2018-11-06 19:27:28 +03:00
Wes Hulette 88b1da4260 Added: Caching of settings (#6378)
* Fixed missing oauth tables during setup.

* Cache settings

Cache the setting to reduce unnecessary database calls
2018-11-01 19:59:50 -07:00
Wes Hulette 0730685c29 v5 Develop Fixed: LDAP Settings Password being updated when field is empty (#6384)
* Fixed missing oauth tables during setup.

* Fixed password saving

Previous Input::has always returned true, even if password was an empty string.
2018-11-01 13:36:30 -07:00
snipe ea91d59ffc
Use username instead of email address in password reset (#6382)
* Switch to use username instead of email

* Fixed indenting

* Updated password language

* Updated blades to reflect username instead of email

* Changed password/reset controllers to use username instead of email

* Redirect to login page instead of repeating the password reset form
2018-10-31 18:03:24 -07:00
snipe 65aef11ae3 Fixed #5879 - added user department filter for custom report 2018-10-31 15:19:13 -07:00
snipe 8f22cf7c3c Added dept update API endpoint 2018-10-31 14:31:57 -07:00
Minaev Dmitriy 9d5cd27575 New save mechanic 2018-10-31 16:06:38 +03:00
snipe 29b0780c6c Added company info to asset maintenances transforrmer 2018-10-30 00:20:16 -07:00
snipe e443a576f7 Merge branch 'develop' of https://github.com/snipe/snipe-it into develop 2018-10-19 16:46:53 -07:00
snipe 20b26effdb Fixed #6349 - add view permission for print all assigned 2018-10-19 16:46:46 -07:00
snipe 1a10aa0dda Fixed #6349 - add view permission for print all assigned 2018-10-19 16:43:28 -07:00
Minaev Dmitriy f1f7694835 Merge remote-tracking branch 'remotes/upstream/develop' into develop 2018-10-19 19:00:53 +03:00
Minaev Dmitriy 0e66c3cb56 Predefined kits test 2018-10-19 17:30:25 +03:00
Wes Hulette 465b69516d Fixed: #6259 - Remove remote JS/CSS file loading (#6330)
* Fixed missing oauth tables during setup.

* Remove remote JS/CSS file loading


Updated gravatar to return to default image

* Updated default avatar path to user url

Removed local html5shim & response js files.
Removed copying html5shim & respond js file to public directory
2018-10-17 12:52:01 -07:00
Joe Ferguson 704209de9c Fixed #6301: Do not allow duplicate asset tags (#6324)
* Fixed #6301: Do not allow duplicate asset tags

* Display error message for single asset_tag failure
2018-10-11 17:15:09 -07:00
snipe c7596e7741 Fixed image not uploading on asset create 2018-10-09 17:31:52 -07:00
snipe d4fa81301d Check if user can see assets in statuslabels gate 2018-10-09 16:34:12 -07:00
snipe a516e4278e Remove company select option if the user is not an admin and FCS is enabled 2018-10-05 07:30:42 -07:00
snipe ecb8204c3c Associate serials with multiple asset creation 2018-10-05 05:30:13 -07:00
snipe 476b58632b Handle array of asset tags
TODO: figure out how to display validation errors more sanely
2018-10-05 04:34:47 -07:00
snipe 84848fabd7 Fixed #6284 - missing checkout information on Status Labels API assets endpoint 2018-10-03 10:30:24 -07:00
Wes Hulette 4a88e155c4 Fixed: #6263 V5 (develop) - Missing oauth tables when using the setup wizard (#6268)
* Fixed missing oauth tables during setup.

* Merged develop changes

Removed PHP_CS file
2018-10-03 10:06:24 -07:00
snipe c8ad45b11e Port import manager code to develop 2018-10-03 00:52:29 -07:00
snipe c8bff3ef38
Features/add manager and dept to importer (#6277)
* Ignore the simlink for public storage

* Added manager and department to user import

* More UI importer tweaks

* Fisxed typos
2018-10-02 15:43:54 -07:00
snipe 79367642b1
[WIP] Added #5957 - Flysystem support (#6262)
* Added AWS url to example env

* Upgrader - added check for new storage path and attempt to move

* Ignore symlink

* Updated paths for models

* Moved copy methods

* Added AWS_URL support

For some reasin, Flysystem was generating the wrong AWS url (with a region included)

* Switch to Flysystem for image uploads

* Nicer display of image preview

* Updated image preview on edit blades to use Flysystem

* Twiddled some more paths

* Working filesystems config

* Updated Asset Models and Departments to use Flysystem

* Janky workaround for differing S3/local urls/paths

* Try to smartly use S3 as public disk if S3 is configured

* Use public disk Storage options for public files

* Additional transformer edits for Flysystem

* Removed debugging

* Added missing use Storage directive

* Updated seeders to use Flysystem

* Default logo

* Set a default width

We can potentially override this in settings later

* Use Flysystem for logo upload

* Update downloadFile to use Flysystem

* Updated AssetFilesController to use Flysystem

* Updated acceptance signatures to use Flysystem

* Updated signature view to use Flysystem

This isn’t working 100% yet

* Use Flysystem facade for displaying asset image

* Set assets path

Should clean all these up when we’re done here

* Added Rackspace support for Flysystem

* Added Flysystem migrator console command

* Added use Storage directive for categories

* Added user avatars to Flysystem

* Added profile avatar to Flysystem

* Added the option to delete local files with the migrator

* Added a check to prevent people from trying to move from local to local

* Fixed the selectlists for Flysystem

* Fixed the getImageUrl method to reflect Flysystem

* Fixed AWS copy process

* Fixed models path

* More selectlist updates for Flysystem

* Updated example .envs with updated env variable names

* *sigh*

* Updated non-asset getImageUrl() methods to use Flysystem

* Removed S3 hardcoding

* Use Flysystem in email headers

* Fixed typo

* Removed camera support from asset file upload

We’ll find a way to add this in later (and add that support to all of the other image uploads as well)

* Fixed path for categories

* WIP - Switched to standard handleImages for asset upload.

This is currently broken as I refact the handleImages method. Because the assets store/create methods use their own Form Request, the handleImages method doesn’t exist in that Form Request so it wil error now.

* Fixed css URL error

* Updated Debugbar to latest version (#6265)

v3.2 adds support for Laravel 5.7

* Fixed: Missing CSS file in basic.blade.php (#6264)

* Fixed missing CSS file in basic.blade.php

* Added

* Changed stylesheet import for authorize.blade.php

* Updated composer lock

* Added AWS_BUCKET_ROOT as env variable

* Use nicer image preview for logo upload

* Removed AssetRequest form request

* Removed asset form request, moved custom field validation into model

* Added additional help text for logo upload

* Increased the size of the image resize - should make this a setting tho

* Few more formatting tweaks to logo section of branding blade preview

* Use Flysystem for asset/license file uploads

* Use Flysystem for removing images from models that have been deleted

* Enable backups to use Flysystem

This only handles part of the problem. This just makes it so we can ship files to S3 if we want, but does not account for how we backup files that are hosted on S3

* Use Flysystem to download license files

* Updated audits to use Flysystem
2018-09-29 21:33:52 -07:00
snipe eea65a3f26 Fixed manufacturers item count 2018-09-28 12:03:27 -07:00
snipe e5d0f74ba7 Fixed #6248 - add free seats to licenses API endpoint 2018-09-27 12:07:13 -07:00
snipe 55846cc717 Changed LOG:: to Log:: 2018-09-26 19:06:31 -07:00
snipe bcf9d2f75c Don’t require statuslabel view to check for deployable status 2018-09-25 13:39:54 -07:00
snipe 9108ff8caa fixed typo 2018-09-24 19:06:12 -07:00
snipe d5cf0f1fbd Prevent deleting manufactureres via API if they have items/models 2018-09-24 19:04:00 -07:00
Brady Wetherington c97db3259f
Merge pull request #5913 from tilldeeke/refactore-checkout-checkin-notification-sending
Refactor: Decouple checkin/checkout notifications from logging
2018-09-21 18:18:27 -07:00
snipe 4b2093b485 Added counts to location show() API method 2018-09-21 15:51:26 -07:00
snipe b69b5fdf84 Added counts to location show() API method 2018-09-21 15:50:14 -07:00
snipe d84366c6c5 Add empty array to groups if none filled in 2018-09-19 17:24:34 -07:00
Ivan Nieto b692f67779 Revision of #5471 (#6148)
* Search functionality in accessories/{accessory} issue #5471:
From the collection of users displayed just filtered the data with the method where() and concat()
for the user can search for first name or last name. The solution is case sensitive.

* A better fix to issue #5471. Now using the established relationship to querying for the users. Also Case-insensitive.

* Fixed previous commit that has magic number in the find method parameter of AccessoriesController.
2018-09-12 22:50:45 -07:00
Till Deeke 86f49d34c3 Redirects users from old acceptance screen to new overview 2018-09-10 17:13:16 +02:00
Till Deeke 007e8fbdf9 simplified checkout event handling per @uberbrady’s suggestion
This generalizes the checkout events into the CheckoutableCheckedOut and CheckoutableCheckedIn events.
2018-09-10 16:40:26 +02:00
snipe adf6e7d1cd Added group support for user API 2018-09-07 18:25:58 -07:00
snipe ff879e2018 Added the ability to update asset location when auditing - per #5854 2018-09-07 05:39:41 -07:00
snipe 26fd7f7e79 I have no idea why this was necessary suddenly 2018-09-06 14:28:04 -07:00
Ivan Nieto 0014ef054b Search functionality in accessories/{accessory} issue #5471: (#6070)
From the collection of users displayed just filtered the data with the method where() and concat()
for the user can search for first name or last name. The solution is case sensitive.
2018-08-28 13:25:16 -07:00
Wes Hulette 3831ee9f5a Fixed #5811 - Non US Characters in user export (#6132)
* Added Freebsd as vagrant machine for development

* Ran npm audit fix

Manually added peer depenencies

* Added charset=UTF-8 to content-type

Removed reference to throttle model as is is not longer included.
2018-08-28 12:37:58 -07:00
Dmitriy Minaev bc8fa31eb2 Add depreciation with half-year convention. Fixed #1237 (#6128)
* Add half-year convention in depreciation for Models/Depreciable.php

* Add a setting for the depreciation method

* Integrate half-year convention inside working output

* fix: add more checks at Depreciable.php

* depreciation value rounding

* Codestyle fix
2018-08-28 12:32:46 -07:00
snipe 771265113e Added cookie serialization for Laravel v5.6.30 2018-08-21 22:40:14 -07:00
snipe db907815ff Removed check for active in password reset form 2018-08-21 18:40:27 -07:00
snipe aed769c0be Honor active status for forgotten password request forms 2018-08-14 20:05:57 -07:00
snipe ae6abdddad Check the user is active before displaying password reset
This would only come into play if an inactive user already received a password reset email and then the system was upgraded to prevent those emails from being sent to inactive users
2018-08-14 19:04:47 -07:00
snipe 1543cdbc61 Set activated checkbox to 1 by default on new user 2018-08-14 18:17:37 -07:00
snipe 5db5134ae0 Set activated to default on when new user is created 2018-08-14 18:14:41 -07:00
snipe 05b2b8fb59 Tweaked code/language for password reset 2018-08-14 18:09:33 -07:00
snipe 25097bce31 Only allow activated users to reset their password 2018-08-14 18:04:27 -07:00
snipe 0100c56046 Only allow password reset if user is active 2018-08-14 17:46:29 -07:00
Till Deeke 62195a805a Adding some comments 2018-08-06 14:47:26 +02:00
Till Deeke 8c96e8fd4b Updates asset acceptance report to show unaccepted assets 2018-08-06 14:47:26 +02:00
Till Deeke 1bdf71b584 Handle side effects of accepting/declining
When declining an asset, it gets checked in.
2018-08-06 14:47:26 +02:00
Till Deeke 8648d53d25 Adds checkout acceptances
A checkout acceptance gets generated for every item that needs to be checked out. This resource tracks the user user who can accept the item and their signature
2018-08-06 14:47:26 +02:00
Till Deeke 6b05106dcb Moves license checkout stuff to the license seat
Since we are really checking out a license seat instead of the whole license, we operate the checkin/checkout on the license seat instance.
2018-08-06 14:47:26 +02:00
Till Deeke 830a6cf67e Adds accepting/declining to new controller 2018-08-06 14:46:10 +02:00
Till Deeke 39e6b59335 Fixes some typos 2018-08-06 14:46:10 +02:00
Till Deeke e0423418d2 Moves logging checkin/checkout to separate listener 2018-08-06 14:46:10 +02:00
Till Deeke e24f292a1a Updates checkout events to not depend on log 2018-08-06 14:46:10 +02:00
Till Deeke 17fc59f989 Adds back the checkin/checkout events after #5916 2018-08-06 14:46:10 +02:00
Till Deeke f0acf47101 Adds checkin events 2018-08-06 14:46:10 +02:00
snipe 1a660911e7 Check for minimum PHP version in setup 2018-08-02 21:36:18 -07:00
Daniel Meltzer e368a20427 Use filled instead of has. (#6033)
I think this merged in a weird order and was missed by the global
find/replace.  This fixes bulkassets/bulkusers editing.

At some point we should look at refactoring BulkAssetsController@edit to
only run one DB query, rather than one per item.
2018-08-02 09:54:19 -07:00
Daniel Meltzer 2637ce56a1 Allow importcontroller to return 200 for failed delete. (#6034) 2018-08-02 09:53:54 -07:00
snipe f5a5d830a5 Better handling for deleting imports where the files may have been moved 2018-08-01 20:49:55 -07:00
snipe 9168979d9e Fixed #6027 - added model to asset maintenances listing 2018-08-01 18:24:52 -07:00
snipe 3f394f42c7 Partial fix for better UI on deleting files
Still needs Vue stuff
2018-08-01 18:01:16 -07:00
snipe b2c99c88bb Fixed #6028 - added supplier url to list view 2018-08-01 17:37:58 -07:00
snipe 694166862e
Added attempted logins admin screen (#6018)
* Added attempted logins admin screen

* Smaller table spacing
2018-08-01 03:51:59 -07:00
snipe 911c2398ef Fixed #6004 - set a default next_audit_date if none provided 2018-08-01 03:04:29 -07:00
snipe 2c38036123
Improvement: Better documentation, small refactors (#6017)
* Better documentation, small refactors

* Small comment fixes
2018-08-01 00:06:41 -07:00
snipe b1b5eeecba Fixed #6013 - add accessory checkout notes to detail page 2018-07-31 16:00:38 -07:00
snipe 400913631c Use language strings for bulk password reset 2018-07-30 20:37:19 -07:00
snipe 006a3adea0 Added ability to trigger forgotten password emails for users 2018-07-30 20:31:02 -07:00
Daniel Meltzer 248fcfa869 Move findLicenseSeatToCheckout back to controller. (#5970)
* Move findLicenseSeatToCheckout back to controller.

After discussion, move findLicenseSeatToCheckout method back to
controller from form request.  Also cleanup one tiny bit more with null
coalesce operator (Yay php 7).

* Revert Earlier change.

$target only exists in the checkoutTo* methods.  Need to log the
checkout individually in each of those.
2018-07-27 12:03:04 -07:00
Daniel Meltzer 94c79fa69a Fixed #5964 - Feature: Group IDs can be passed to User Create. (#5990)
Also added to update, and adjusted api tests to confirm.  Long term it
might be nice to look at support for passing group names instead.

Bug: 5964
2018-07-27 12:01:59 -07:00
Daniel Meltzer a3811f632d Licence != License (#5993) 2018-07-27 12:01:25 -07:00
Daniel Meltzer 49d95892e3 Port asset history importer to league/csv9 (#5972) 2018-07-26 12:04:21 -07:00
snipe 9618878023 Restrict users asset listing to just assets checked out to users 2018-07-25 21:40:33 -07:00
snipe 614e858e44 Restrict users asset listing to just assets checked out to users 2018-07-25 21:38:14 -07:00
snipe 373885ebd1 Use Storage for file uploads (not model images) 2018-07-25 11:57:49 -07:00
snipe a9fd9c9e59 Moved gates to individual controller methods to fix “This action is unauthorized” in route:list 2018-07-25 10:45:32 -07:00
snipe 63bf71b071 Use Storage methods for asset/license files 2018-07-25 09:48:50 -07:00
snipe 7a9a78ec53 Make Codacy happy by reversing the signature params 2018-07-25 07:14:16 -07:00
snipe 501f096a2c Updated spatie backup config file for their latest version 2018-07-25 01:36:30 -07:00
snipe 7af633177a Fixed filledFile back to hasFile 2018-07-24 22:52:49 -07:00
snipe 86c1f11bec Change $request->has to $request->filled unilaterally 2018-07-24 22:51:31 -07:00
snipe 0714ac4248 Update withCounts because Laravel 5.5 :( 2018-07-24 22:40:05 -07:00
snipe 7bb50a61a7 Applying @dmeltzer’s changes from afc8ac5e72 2018-07-24 21:13:02 -07:00
Daniel Meltzer 64d649be7f Monster: Cleanup/Refactor http controllers. (#5916)
* Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods.

* Use same image upload/layout in accessories as consum+components.

* Monster: Cleanup/Refactor http controllers.

This cleans up docblocks, pulls most non-crudy actions into their own
controllers, and does general cleanup/logic refactoring.  There /should/
be no functional changes, but we all know how should works..

Extract checkin/checkout functions to a separate controller for accessories.

Move controllers to subdirectory.

Cleanup AssetModelsController

Extract component checkin/checkout

Assorted cleanups/doc/formatting in controllers.

Refactor LicenseController.

Refactor UsersController

Update viewassetscontroller.

* Codacy cleanups

* More codacy cleanups.  Extract a LicenseCheckout Form request as well.

* A bit more refactor/cleaning of the license checkout method.

* Review Related Cleanups

* Fix most of the item_not_found translations.  In many cases, the
string being generated did not even use the id parameter.  Where it
does, pass it as id instead of as a different value.

* Remove some old $data arrays from when we manually sent emails from
the controllers.  This has been superseeded by the notification system
(yay!)

* Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
snipe e320d2ba05
Fixed #5944 - added logo option for print-assets page (#5950) 2018-07-24 13:37:02 -07:00
snipe ed78a4b8a0 Fixed activated issue for strict mode 2018-07-24 13:28:59 -07:00
snipe 376eb52f00 Fixed #5938 - added “self location edit” as permission 2018-07-24 12:42:16 -07:00
snipe f4cfb31bf4 Use request object 2018-07-24 12:10:02 -07:00
snipe 227dc7e81d Save model display setting - fix for issue in #5301 2018-07-24 12:10:02 -07:00
Azerothian 66c3f5432d implemented specific seat checkout (#5887) 2018-07-23 20:28:45 -07:00
Daniel Meltzer 059126f642 Checkout update locationid (#5919)
* Fix missing punctuation.  Bad merge.

* If we're checking out to an location, use it's id instead of location_id
2018-07-23 06:47:21 -07:00
Daniel Meltzer 3bc43210ab Add ID to the allowed sort fields in api/Users. (#5929) 2018-07-23 06:46:50 -07:00
Daniel Meltzer 82194cef8a bugfix: updating a user when an admin (not a superuser) would remove any groups from the user. (#5914) 2018-07-21 23:02:06 -07:00
snipe d45e90e358 One more fix for #5893 2018-07-19 14:45:28 -07:00
snipe 7ebb7876c4 Partial fix for #5896
Still need to fix the front end on edit, which seems to be defaulting to boolean
2018-07-19 10:40:07 -07:00
snipe a0c0b7b1eb Fixed #5893 - activated typo 2018-07-19 10:22:08 -07:00
snipe 9d00ae6e50 Fixed #5894 - lookup by asset tag in top search broken 2018-07-19 10:14:02 -07:00
snipe d309f67df0 Set activated to zero if no values passed for active user 2018-07-18 08:27:26 -07:00
snipe 1c0ee7c4c5 Fixed license checkout gate 2018-07-18 05:33:14 -07:00
snipe 5a1e1c73c9 Include show_in_list option in select 2018-07-18 03:59:02 -07:00
snipe 3be68ec721 Fix location edit permissions 2018-07-18 03:43:45 -07:00
snipe 027edbdb21 Fixed #5872 - asset maintenances listing showing created_at instead of start_date 2018-07-18 02:24:53 -07:00
snipe bcd988bb81 Merge branch 'develop' of https://github.com/DeusMaximus/snipe-it into develop
# Conflicts:
#	app/Http/Controllers/Auth/LoginController.php
2018-07-17 01:11:15 -07:00
snipe bf761946da Fix activated check for login 2018-07-16 23:48:46 -07:00
snipe d9fa2f0e91 Fixed #5842 - added components to location detail view 2018-07-16 21:50:14 -07:00
DeusMaximus 7c2da81700
Fix REMOTE_USER Header with IIS and AD
Remove DOMAIN\ portion of DOMAIN\user when using Windows Authentication and IIS with REMOTE_USER.
2018-07-17 14:03:19 +10:00
snipe a4799a495a
Fixes #5859 - add file name/size to file upload UI (#5861)
* Fixes #5859 - add file name/size to file upload UI

* Reverting assetcontroller

Not sure exactly what happened here…

* Production assets
2018-07-16 20:09:53 -07:00
Daniel Meltzer 638a7b2d91 Assetcontroller cleanup (#5858)
* Extract method/cleanup

* Remove apiStore method that is unusued since api controllers.

* Use proper model exception

* Remove old user importer.  This is now supported by the general importer framework.

* Refactor AssetsController methods.

This is a giant diff without many functional changes, mostly cosmetic.
I've pulled a number of methods out of assetscontroller, preferring
instead to create some more targetted controllers for related actions.
I think this cleans up the file some, and suggests some places for
future targetted improvement.

Fix weird missing things.

* Fix Unit test failing after date changes.

* Pass valid string to be translated.

* Some method cleanup for codacy.

* Extract trait for common checkout uses and codacy fixes.
2018-07-16 17:44:03 -07:00
Daniel Meltzer 8f6e0ad5be Only error if checking out to asset with same id (#5845)
A user with an id of 2 is perfectly fine as a checkout_target of an asset with an id of 2.
2018-07-16 14:25:36 -07:00
Daniel Meltzer 50e0b9b84e category_id not category_i (#5844) 2018-07-16 14:23:24 -07:00
Daniel Meltzer b6b93550fe Remove old helpers (#5843)
* Cleanup model bulk-edit

Use the general partials where appropriate, as well as display a list of
what models we are editing in the bulk edit.

* Use new api based fetch/display for modal select2.

This is just copy/pasting the code currently because I'm not entirely
sure how the two pieces of code interact.

* Remove old helper functions that are no longer necessary with our populating of select2 dropdowns via ajax.
2018-07-16 14:22:25 -07:00
Till Deeke baa3be728d Refactoring: A nicer and easier syntax for searching models (#5841)
* Adds the ability to search by dates

Adding extra „where“-conditions to the „TextSearch“ queries, allowing the users to search by dates

* Adds missing dates to $dates in models

* Removes duplicated „where“ conditions

* Adds the Searchable trait to models, defining the searchable attributes and relations

* Removes the old text search methods

* Adds back additional conditions to the search

These conditions could not be modeled in the „attributes“ or „relations“, so we include them here

* Removes unnecessary check for the deleted_at attribute

* Fixes typo in comments

* suppresses errors from Codacy

We can safely ignore the error codacy is throwing here, since this method is a standin/noop for models who need to implement more advanced searches
2018-07-16 14:13:07 -07:00
Till Deeke 240e642fe9 Removes the unused bulk operations for components (#5840) 2018-07-16 14:11:38 -07:00
Till Deeke 07a92d20d7 Fixing #5773: Refactoring the "clearing" of select2 lists (#5839)
* adds select2 placeholders to select lists

To allow us to clear the selection on „select2“ selects, we need a placeholder attribute

See: https://select2.org/placeholders

* Removes empty option from multiple select

select2 requires an empty option value on singular selects, but not on multiple selects.

When selecting multiple options, this empty option would be shown as selectable otherwise, not clearing the selection.

* Adds the option to clear select2 instances

Sets the correct options to allow clearing of out select2 instances. The empty placeholder is required, since clearing only works when a placeholder ist set (event an empty one).

See: https://select2.org/placeholders

* Removes the „Clear selection“ option from select lists

Since we can clear the select2 lists with their native clearing method, we can remove this hack

* Updates generated assets (css/js)
2018-07-16 14:10:54 -07:00
Till Deeke 0fb9f42ba4 Removes setting the encryption status on update (#5833)
When we are updating a custom field, we don’t want to change the „field_encrypted“-setting on it.
2018-07-13 04:04:30 -07:00
Till Deeke 27699aa99c Adds permission checks for custom fields and custom fieldsets (#5645) (#5795)
* adds permission checks to custom fields

* adds permission checks to custom fieldsets

* adds separate permissions for custom fieldsets

* check for permissions in views

* Removes custom fieldsets from permissions config

* Proxy the authorization for custom fieldsets down to custom fields.

This allows us to use the existing permissions in use and have more semantically correct authorization checks for custom fieldsets.

* simplifies the authorization check for the custom fields overview

* removes special handling of custom fieldsets in base policy

I just realised that this code duplicates the logic from the custom fieldset policy.
Since we are checking for the authorization of custom fields anyway, we can just use the columnName for the fields.

* cleanup of unused imports
2018-07-12 18:28:20 -07:00
Till Deeke 48bbbe0f40 Fixing authorization issues (#5807)
* adds permission checks for companies

* adds permission checks for depreciations

* adds permission check for all reports

* fixes permissions for departments

* fixes permission naming (edit -> update)

* fixes authorization checking wrong permission in API

The authorization was checking for the non-existent „edit“ method where it should have checked for the „update“ method.

* adds authorization checks for select2 lists

* adds missing authorization checks for api

* fixes user authorization check for creating users

* adds additional check viewing assets on showing a users assets

* Removes authorization checks for select2 lists

Reference: https://github.com/snipe/snipe-it/pull/5807#pullrequestreview-136018755
2018-07-12 18:28:02 -07:00
Antti 9dc226e3d6 Feature: PostgreSQL support (#5642)
* Made migrations work with pgsql and changing empty integers to null

* Fixed the last functional test
2018-07-12 18:24:43 -07:00
Jason 98b20fc1cd Added option to include model information on asset labels. (#5301)
* Added option to include model information on asset labels.

Cleaned up label page to fix skewed label alignment on last row per page.

* Changes made per Snipe's direction

changed type from tinyint to boolean in DB
changed labels back to initials
2018-07-12 18:23:12 -07:00
snipe 78530ae123 Fix tests 2018-07-09 21:57:45 -07:00
snipe 339263a295 Fixed #5751 - added option for unique constraint on serial 2018-07-05 19:30:36 -07:00
snipe a44bd9abe0 Disallow deleting category if there are licenses 2018-07-05 18:02:25 -07:00
snipe 4099c06b27 fix middleware priority: handle trusted proxies prior setup check
From @plexorama
2018-07-05 15:36:59 -07:00
snipe 869de3d251 Fixed broken pagination on status labels API 2018-07-05 14:42:39 -07:00
Juan Font 311f9fcefb Implemented method to get info on the current user of the API (#5722)
* Implemented method to get info on the current user of the API

* Move userinfo method to UsersController

* Added missing files
2018-07-02 20:35:10 -07:00
snipe d7dc4ae0c0 Added manager to custom report 2018-06-27 00:45:09 -07:00
snipe f8429ad357 Merge branch 'docker-fixes' of https://github.com/thelamer/snipe-it into thelamer-docker-fixes 2018-06-21 07:31:15 -07:00
Djamon Staal 32e3f748d8 Make version footer configurable. (#5730) 2018-06-21 07:12:16 -07:00
snipe 1a64879b65 Only allow remote user settings to be saved if the app is not in demo mode 2018-05-31 10:55:48 -07:00
snipe e636875797 Merge branch 'develop' 2018-05-21 14:56:57 -07:00
snipe d89ef43834 Make category counters ints 2018-05-18 16:05:12 -07:00
snipe 8eb96efa13 Merge branch 'develop' 2018-05-16 19:38:23 -07:00
snipe e9973670ea Could should not be equal to 1 2018-05-16 19:38:02 -07:00
snipe ef8d2d06df Fixes #5519 - count() for php 7.2 2018-05-16 19:35:14 -07:00
snipe 0b5bb520a7 Merge branch 'develop'
# Conflicts:
#	config/version.php
2018-05-16 19:24:31 -07:00
lea-mink 233fb23cb8 Create asset maintenance - Added orange bar for required asset to edit view (#5520)
* Added orange bar for required asset to edit view

* disable redirection to asset maintenances view

* Update - disable redirection to asset maintenances view
2018-05-16 19:23:23 -07:00
snipe 4c656c0321
De-normalize new counters from 4.3.0 (#5547)
* Added de-norm counter migration for assets

* Renaming counter columns, since Eloquent has a magical *_count helper

* Added artisan command to sync counters (one-off)

* Update API to use de-normed fields

* Increment counters for checkin;/checkout

* Derp.

* Added request increment/decrementer

* Move increment for checkout to the Asset::checkout method

* Added “could take a while” message
2018-05-16 19:20:43 -07:00
snipe 4ba9792fbe Merge branch 'develop' 2018-05-09 15:29:59 -07:00
snipe 8ad5eb3e59 Fixed #5500 - present() on correct location value 2018-05-08 09:21:43 -07:00
snipe 3df8fa99f0 Merge branch 'develop' 2018-05-08 07:37:44 -07:00
snipe 13195d06fd Fixed #5491 - added default location filter for custom report 2018-05-08 07:34:14 -07:00
snipe 25f537e730 Merge branch 'develop'
# Conflicts:
#	config/version.php
2018-05-08 03:49:28 -07:00
snipe 04709dc1df Fixed #5477 - added GDPR privacy policy link in email and webpage 2018-05-08 00:50:13 -07:00
snipe 7b8362b64c Added license categories 2018-05-04 21:01:38 -07:00
snipe a9fc7e04e9 Fixed php7.2 count issue 2018-05-04 21:00:58 -07:00
snipe ec1fa8e90a Merge branch 'develop' 2018-05-03 08:06:58 -07:00
snipe 3a1b432234 Fixed #5472 - show_in_email for custom fields missing in edit field UI 2018-05-03 08:06:28 -07:00
snipe 0472e3a3e5 Merge branch 'develop' 2018-05-02 14:41:10 -07:00
lea-mink a0afa9f2e8 Modified the affectation of the value of the password in credential mail sent for the first user sign up (#5446)
* Modified the affectation of the value of the password

* Remove e()
2018-05-02 14:40:41 -07:00
snipe 0116fa9b95 Merge branch 'develop'
# Conflicts:
#	config/version.php
2018-05-02 14:35:16 -07:00
snipe 0be69f57ac Improved files display 2018-05-02 14:13:06 -07:00
snipe 97f748d58e Removed old reports methods and routes
We only use the custom asset report now
2018-05-02 03:44:31 -07:00
snipe 71708e349c
PHP7.2 count fixes (#5427)
* PHP 7.2 count() fixes

* Re-enable php travis 7.2
2018-04-29 06:10:49 -07:00
snipe 6df7f6d6ec Fixes wrong users index route name 2018-04-26 16:31:02 -07:00
snipe 5365182c86 Fixed advanced search on supplier, count for PHP7.2 2018-04-25 20:25:03 -07:00
Hannah Tinkler c4c520c1a3 Fixes #4445: prevents assigned assets from being checked out in bulk checkout (#5421)
* Fixes #4445: prevents assigned assets from being checked out in bulk checkout

* Updates data attribute to more versatile 'data-asset-status-type'

* Fixes broken unit test
2018-04-25 02:39:23 -07:00
snipe 088eb3da14 Merge branch 'develop' 2018-04-24 13:24:24 -07:00
snipe 0e1dfcf408 Changed directory for audits image dir 2018-04-24 13:20:15 -07:00
snipe 3ca9f5f389 Merge branch 'develop' 2018-04-24 12:49:28 -07:00
snipe 1708bb5cdf Fixes #5422 - remove extension ending from uploaded file name 2018-04-24 12:47:09 -07:00
snipe 8127484081 Better error checking for private file display method 2018-04-24 03:12:30 -07:00
snipe 103c75e78c Removed max cap in image validation 2018-04-24 03:12:17 -07:00
snipe ea54d73911 Merge branch 'develop' 2018-04-24 02:59:19 -07:00
snipe 1ef4cc9fc2 Fixed #4301 - added image upload to audit 2018-04-24 02:54:54 -07:00
lea-mink c8cbc55b59 Bulk Checkout to Assets and Location (#5385) 2018-04-23 21:24:49 -07:00
Hannah Tinkler 8d501e1c24 Feature/custom fields default values (#5389)
* Fixes CustomFieldsetsController::fields() which I think is not used anywhere else and don't think ever worked as you can't call get() on a Collection.
Have tested extensively and doesn't seem to affect anywhere else?

* Adds default value functionality

* Adds built assets

* Fixes assignment to asset_model_id which should have been evaluation and alters route so it sits more in line with existing work

* Updates built assets

* Remove silly docker.env file; fix Dockerfile to preserve Oauth keys (#5377)

* Added department to custom asset export
Updates build assets

* Adds translation support for 'add default values' checkbox label
2018-04-23 21:16:55 -07:00
snipe 132a5d424d Check for valid accessory category 2018-04-23 16:04:01 -07:00
snipe 4c5f20fde4 Merge branch 'develop'
# Conflicts:
#	app/Importer/Importer.php
#	config/version.php
2018-04-23 13:33:34 -07:00
Stephen c23955d0b5 Allow setting of "ldap_import" through the API (#5218)
* Allow setting of "ldap_import" through the API, this will allow cusom scripts to be made to import data from Active directory using the API, this would allow any field to be filled such as the manager (based on the ID), department etc.

* Password fix for LDAP through API
2018-04-20 14:02:52 -07:00
snipe 6efe9efab8
Fixes #5393 - added notes to suppliers API (#5400) 2018-04-19 18:28:22 -07:00
snipe 5948a0b235 Added department to custom asset export 2018-04-16 20:10:38 -07:00
snipe bbc0695a8f
Added count of checkins, checkouts, requests (#5314)
* Added count of checkins, checkouts, requests

* Removed old commented items

* Use actionlog instead of redefining the relationship
2018-04-06 16:23:39 -07:00
snipe 2253439940 Added default location/address to custom report 2018-04-05 17:33:25 -07:00
snipe 8a6713d5c0
WIP - Improved requested assets (#5289)
* WIP - beginning of improved requested assets

- Use Ajax tables for faster loading
- Use new notifications for requesting an asset

TODO:
- Use ajax tables for requestable asset models
- Use new notifications for canceling an asset request
- Expire requests once the asset has been checked out to the requesting user

* Only show asset name in email if it has one

* Refactor requested method to only include non-canceled requests

* Refactored requestable assets to log request and cancelation

* Added softdeletes on checkout requests

* Differentiate between canceling and deleting requests

* Added asset request cancelation notification

* Added timestamps and corrected unique key on requests table

* Improved requests view

* Re-use blade for cancel/request email

* Refactored BS table formatter for requested assets

* Location name min reduced to 2

* Added PAT test as maintenance option

This needs to be refactored into database-driven options with a UI

* Better slack message

* Added getImageUrl method for assets

* Include qty in request notifications

TODO:
- Try to pull requested info from original request for cancelation, otherwise it will default to 1

* Removed old asset request/cancel emails

* Added user profile asset request routes

* Added profile controller requested assets method

* Added blade link to requested assets for profile view

* Sort user history desc

* Added requested assets blade

* Added canceled at to checkoutRequest method

* Include qty in request

* Fixed comment, removed allowed_columns

* Removed Queable methods, since we don’t use a queue

* Fixed return type in method doc

* Fixed version number

* Changed id to user_id for clarity
2018-04-04 17:33:02 -07:00
snipe 201efecafa Fixed #5293 - component category drilldown 2018-04-02 16:12:19 -07:00
snipe b41adc2eee Merge branch 'develop' 2018-03-26 16:05:50 -07:00
snipe 115d6e29df Added location address to custom asset report export 2018-03-26 15:59:09 -07:00
snipe 83781f3a70 Merge branch 'develop'
# Conflicts:
#	config/version.php
2018-03-26 15:20:40 -07:00
snipe 46f5f21368
Notification improvements (#5254)
* Added “show fields in email” to custom fields

* Added “show images in email” to settings

* Added nicer HTML emails

* Break notifications out into their own, instead of trying to mash them all together

* Remove old notification for accessory checkout

* Janky fix for #5076 - “The asset you have attempted to accept was not checked out to you”

* Add method for image url for accessories

* Added accessory checkout email blade

* Make accessory email notification on checkout screen consistent with assets

* Added native consumables notifications

* Fixes for asset notification

* Updated notification blades with correct-er fields

* Updated notifications

* License checkin notification - does not work yet

Need to figure out whether the license seat is assigned to a person or an asset before we can pass the target

* Added alternate “cc” email for admins

* Only try to trigger notifications if the target is a user

* Fix tests

* Fixed consumable URL

* Removed unused notification

* Pass target type in params

* Show slack status

* Pass additional parameters

There is a logic bug in this :( Will send to slack twice, since the admin CC and the user are both using the same notification. Fuckity fuck fuck fuck.

* Pass a variable to the notification to supress the duplicate slack message

* Slack is broken :( Trying to fix

Will try a git bisect

* Put preview back into checkout

* Pulled old archaic mail

* Removed debugging

* Fixed wrong email title

* Fixed slack endpoint not firing

* Poobot, we hardly knew ye.

* Removed old, manual mail from API

* Typo :-/

* Code cleanup

* Use defined formatted date in JSON

* Use static properties for checkin/checkout notifiers for cleaner code

* Removed debugging

* Use date formatter

* Fixed target_type

* Fixed language in consumable email
2018-03-25 13:46:57 -07:00
snipe b6bf3800c7 Merge branch 'develop' 2018-03-23 16:20:09 -07:00
snipe 34919b0396 Added API calls to look up assets by tag and serial 2018-03-23 14:50:11 -07:00
snipe 469efc923b Merge branch 'develop'
# Conflicts:
#	README.md
#	config/version.php
2018-03-22 20:08:55 -07:00
Brady Wetherington 085f909f35 Change duplicate header check to return 1-based header indices 2018-03-22 19:40:12 -07:00
Brady Wetherington 0b0243a5e0 Hoist file-reading before file-renaming, catch duplicate headers (#5244) 2018-03-22 19:16:15 -07:00
snipe a79ec0d408 Merge branch 'develop' 2018-03-22 14:18:30 -07:00
snipe 140724be2e Fixed #5217 - permissions error with importer for non-admins 2018-03-22 14:17:44 -07:00
David Kaatz 1c777888d5 Authentication via REMOTE_USER (clean repull) (#5204)
- Implementation in Login
- Configuration
- Database migration
2018-03-21 19:09:37 -07:00
Brady Wetherington 625810cd8a Support \r-terminated files better from the Importer (#5184)
* Hoist the ini_get/ini_set auto-detect line endings code higher

* Placate the irascible Codacy
2018-03-21 19:08:06 -07:00
snipe d911b776bf Check for associated maintenance asset
This should probably never happen, but triggers on the demo sometimes because of fluctuating data seeding
2018-03-21 19:08:06 -07:00
David Kaatz 53735f2026 Authentication via REMOTE_USER (clean repull) (#5204)
- Implementation in Login
- Configuration
- Database migration
2018-03-14 12:48:07 -07:00
David Kaatz a43b31400f Authentication via REMOTE_USER (#5142)
* Added authentication via Remote User

* - Removed nullable from remote_user settings fileds and used just default values instead
- Removed german translations
- Removed 401 error page and replaced usage with 403 error page as 401 was actual a duplicate of 403
- Replaced usage of $_SERVER['REMOTE_USER'] with Laravels API Request::server('REMOVE_USER')

* - Fixed request usage
2018-03-13 20:07:52 -07:00
Brady Wetherington e15f2ac8ab Support \r-terminated files better from the Importer (#5184)
* Hoist the ini_get/ini_set auto-detect line endings code higher

* Placate the irascible Codacy
2018-03-13 20:06:53 -07:00
snipe fc8637c81a Check for associated maintenance asset
This should probably never happen, but triggers on the demo sometimes because of fluctuating data seeding
2018-03-07 22:22:36 -08:00
snipe 1d130b4a89 Fixed asset model permission not granted for edit 2018-03-07 18:22:49 -08:00
snipe 17e0154995 Fixed #5160 - make field_values readable via custom fields API 2018-03-06 13:11:45 -08:00
snipe 1e22b8e567 Fixed #5138 - added default_label flag to status labels 2018-03-05 22:04:16 -08:00
snipe a5c6ddb8ac Change gate for updating assets via the API to edit 2018-03-05 21:27:17 -08:00
snipe 36cd63836e Fixed #5151 - added asset tag to maintenances 2018-03-05 16:26:40 -08:00
snipe 9effa3d2ab Fixed manufacturer restore 2018-03-03 19:14:27 -08:00
snipe 0782222c6b Removed commenting
This restore() is still not working, though not sure why. Seems like it should be pretty straghtforward, and yet…

Additonally, manually setting the deleted)at date to null or blank isn’t working either. I’m sure I’m just missing something obvious.
2018-03-03 18:49:02 -08:00
snipe f7784b6543 Fixed #2402 - add ability to restore manufacturers 2018-03-03 18:46:19 -08:00
fordster78 68a9855506 New First Admin Notification (#5147)
* New First Admin Notification

* Include Last name in Welcome and First admin Notifications
2018-03-03 14:37:42 -08:00
fordster78 688a3251a9 New Welcome Notification (#5146)
* New Test Notification

Created Test Notification.
Updated Vendor Mail message.blade files.
Updated api settings controller to use Notification Façade.

* Add show URL in Emails condition

* New Welcome Notification
2018-03-03 12:44:41 -08:00
snipe 4ab1d5ca7f Fixed #5110 - crash on accessory checkin missing last_name 2018-03-02 19:26:41 -08:00
fordster78 4e0c8e218d New Test Notification (#5137)
Created Test Notification.
Updated Vendor Mail message.blade files.
Updated api settings controller to use Notification Façade.
2018-03-02 18:01:20 -08:00
snipe f171357e36 Removed unused skin files, added skin setting option 2018-03-02 17:50:40 -08:00
snipe b4f704d7f1 Fixed 2FA reset button 2018-02-26 15:43:49 -08:00
Daniel Meltzer 9ee2c6be57 Api tests2 (#5098)
* Cleanup

* API tests for asset models and related cleanup/improvements

* Api license test.  Tests incomplete because create/update/destroy are not implemented yet in the controller

* API Category tests.

* Manufacturers API Test.

* Implement License Create/Update/Delete Methods for API and enable test.

* Add missing gate for api.  Fixes only superadmins being able to generate Personal Access Toekns
2018-02-25 12:10:02 -08:00
Daniel Meltzer 7de8f71f58 Api tests (#5096)
* Use the formated date helper to clean up verifications.

* Add Checkin/Checkout api tests.

* Accessories api test

* Add Companies API Test.

* Return ModelNotFound as a 404.

* Cleanups/simplficiations/updates.

* Locations api test.

* currency and image should be fillable on location.

* Update components api test.

* Use findOrFail so we return a 404 instead of a 200.  Matches other item types.

* order_number should be fillable in component.

* Add updated_at and permissions to information returned from api for a user.

* Add users test and flesh out factory and fillable fields.

* Add test for assets method

* API status label test.

* Disable php7.2 for now on travis until the count(null) issues are remedied

* Add serial to update.

* API model not found should return a 200
2018-02-24 19:01:34 -08:00
snipe b6a75093b7 Removed duplicate location_id assignment 2018-02-24 14:06:10 -08:00
snipe 5e5ba54c3e Disallow checkout asset to itself 2018-02-23 05:52:19 -08:00
Daniel Meltzer f7dbda4ed3 Disable broken tests (#5073)
* Work towards a functional travis.  Step 1: Disable broken unit tests.

* Fix functional tests

This updates the login information and model factories to work with
changes to source.

* Importer name/full name fixes.

Fix a bug where "name" was used ambigously and mapping "item name" to
"name" would confuse the importer into thinking it should also be a user
name.  Now we default to "full name" for the users name, and "item name"
for the item name.  These are still both configurable through the custom
mapping.

Also update sample csvs and remove an outdated sample.

* Max length of supplier notes is 191, not 255, as per default laravel string length.  Might make sense to change this to a text field in the future to match other places.

* Use sqlite/different db setup for unit tests.

* Fix assets api test.

* Fix Components API test.

* increase travis memory limit for functional tests.

* Use travis config for api tests as well.

* Fix memory limit file.

* Disable ApiComponentsAssetsCest until it's fixed.
2018-02-22 21:46:58 -08:00
snipe 236e773438 Fixed incorrect component not found string 2018-02-22 16:36:01 -08:00
snipe e3144c3093 Added Slack test button 2018-02-22 16:35:34 -08:00
snipe 9c1fe2c922 Reverting previous change - qty already existed in allowed columns. Derp. 2018-02-21 16:46:37 -08:00
snipe 006b2b18b0 Added qty to sorting 2018-02-21 16:21:31 -08:00
snipe f5e51897e3 Added - sort by color on status labels 2018-02-21 05:29:50 -08:00
snipe 698ea36cc2 Added - Order location by manager 2018-02-21 05:09:40 -08:00
snipe 0cf9cdd3b1 Make department columns sortable 2018-02-21 05:04:20 -08:00
snipe 0d7a43ab38 Fixed orderby parent location name 2018-02-21 02:17:18 -08:00
snipe 22f44e342f Fixed incorrect next audit date if asset override 2018-02-21 01:18:21 -08:00
snipe 589c3a2be3 Fixed #4668 - wrong gate on manufacturer save 2018-02-16 17:45:27 -08:00
snipe 3744a68daf
Features/better table options (#5018)
* Added CSS for table toolbar

* Use maintenances API for table listings

* NIcer layout for allowed_columns in maintenances API

* Fixed #5014 - bootstrap cookie issues

* Fixed #5015 - bug when saving settings

* Refactored datatable code to use data attributes

* Updated dashboard with new table code

* Added - Order by group user count

* Updated groups to use new table attributes

* New license listing table code

* More bootstrap table implementations

* More BS table refactoring

* Improved bootstrap assigned assets

* New bootstrap for reports

* Misc BS fixes

* FIxed small issue with asset history display

* Removed multisort option

* JS refactor
2018-02-16 13:22:55 -08:00
snipe f144d671ff Fixed #4988 - incorrect variable name in asset checkout API method 2018-02-12 19:13:33 -08:00
snipe 08d129c2ea Fixed #4951 - updating asset location in bulk edit 2018-02-02 09:36:40 -06:00
snipe b3a6ec2804 Fixed #4938 - default sort order 2018-02-01 17:17:56 -06:00
snipe d2587337e4 Fixed #4952 - ignore show_archived setting when drilling down into specific ID 2018-02-01 16:31:32 -06:00
snipe e7e10c24be Add departments to usr export 2018-02-01 15:54:49 -06:00
snipe 2f9fff7130 Do not try to show depreciation report if no depreciations are set up 2018-01-25 13:16:49 -06:00
snipe cf8feb37e1 Fixed crash if no model associated
This should never be triggered. Bad data is getting in somehow.
2018-01-25 03:00:54 -08:00
snipe 11505d5d06 Fix crash if no asset model
(This should never happen, but shouldn’t crash if/when it does)
2018-01-25 00:25:43 -08:00
snipe 1d04897b32 Order by default location 2018-01-24 14:27:12 -08:00
snipe 739d3c72b7 Fixed #4902 - include last name in checkin email 2018-01-24 10:59:34 -08:00
snipe 60c38a0c47 Added setting to choose what appears in model select list - Fixes #4879 2018-01-24 10:43:46 -08:00
snipe 2c2910d1dd Handle shitty edge cases where an asset has no model without crashing 2018-01-24 08:16:05 -08:00
snipe 765295136a Added - ability to add custom footer text, hide user’s manual/support links 2018-01-24 07:02:30 -08:00
snipe fefd6d60f6 Fixed #4899 - sorting in user history 2018-01-24 04:48:00 -08:00
snipe a7b8b4bf55 Added: ability to change actual location from bulk edit assets 2018-01-24 04:38:25 -08:00
snipe 7cafa194c1 Fix for counts 2018-01-24 04:26:15 -08:00
snipe b37f78dbbf Fixed #4858 - wrong params for id count 2018-01-24 04:24:45 -08:00
snipe f1bbdc9e59 Revert PR #4845 2018-01-24 03:32:45 -08:00
vcordes79 0fb8dc3418 check if user is allowed to view assets (#4845) 2018-01-23 18:10:05 -08:00
vcordes79 f4e9d245d0 Status labels (#4895)
* fix statuslabels

* fix statuslabels
2018-01-23 18:08:54 -08:00
vcordes79 7b596c750d API for (dis)associating fields with fieldsets (#4881)
* start work on fields in fieldset api

* revert CustomFieldsetsController

* fieldset associate / disassociate api

* fix variable names and payload

* fix variable name
2018-01-22 13:14:04 -08:00
snipe 99e55f84f0 Fixed misc UI permissions elements 2018-01-20 04:39:31 -08:00
snipe 34f6d5ab45 Fixed #4671 - corrected component checkin gate 2018-01-20 03:58:59 -08:00
snipe e6f70f2ab7 Fixed #4821 - add username to user selection dropdown 2018-01-19 23:47:37 -08:00
snipe 95a9742571 Fixed #4768 - adds dashboard message option to settings 2018-01-19 20:43:55 -08:00
snipe c242abb42e Added Company policy to fix company deletion issue 2018-01-19 17:51:28 -08:00
snipe 2a959edeba Added - Setting to allow archived assets in List All 2018-01-17 19:18:48 -08:00
snipe 8995d689b8 Fixed #4817 - [BREAKING API CHANGE] - changed user API response from firstname, lastname to first_name, last_name 2018-01-17 13:25:11 -08:00
snipe d920d91786 Fixed #4593 - do not require model_id to update asset custom fields via API 2018-01-17 13:12:32 -08:00
snipe 8fff6a1a06 Update asset location based on user checkout in bulk checkout 2018-01-17 12:39:49 -08:00
fordster78 138313dcb9 Setup changes (#4813)
* Add Asset Tag settings to Setup

* Add Locale Settings to Setup

* Add multiple company support to setup

* Changed the locale label name from 'site_name' to locale
Added default value for language to 'en' and multiple companies support
to 0 (false)
Switched out the old Input facade to the preferred $request->input
method for the setup page.
2018-01-17 10:58:03 -08:00
snipe 91bca5fcba Fixed #4844 - use input value for ids in user bulk edit 2018-01-17 06:15:52 -08:00
vcordes79 94cf1f8741 Fixes #4829 - add fields api (#4840)
* add fields api

* change route names
2018-01-17 05:31:57 -08:00
snipe 6bfd428c2e Use real status label names, even if deployed 2018-01-15 21:03:26 -08:00
snipe 68f1fa0340 Added - ability to sort by asset count in models 2018-01-11 15:21:51 -08:00
snipe 9293f17707 Moved search scope lower to fix weird (possible Laravel) bug w/prepared statements 2018-01-11 15:17:34 -08:00
snipe 3b4a651dd9 Allow counts in mfg sorting 2018-01-11 15:16:23 -08:00
snipe 2bbb6001a8 Added location to seats transformer 2018-01-10 20:36:27 -08:00
snipe e3d7be23cb Added new seats controller method 2018-01-10 18:47:57 -08:00
snipe 3d5545494e Added new seats transformer 2018-01-10 18:47:40 -08:00
snipe e6259eb6e1 Fixed #4774 - show assets assigned to assets in asset view
Todo: Fix text search on the asset to asset tab. It’s currently broken so I’ve disabled it.
2018-01-10 05:44:11 -08:00
snipe 285e4e2e52 Allow bulk language update in user edit 2018-01-10 05:33:26 -08:00
snipe 5587b64d64 Fixed #4770 - broken licenses, etc on company view, added users and components 2018-01-10 03:52:21 -08:00
Brandon Daniel Bailey f786e07179 Allow auto increment through the API (#4690)
* Allow auto incrementing asset_id from the API when the setting is enabled

* Cleaned up the if else statement

* Added prefix to the orWhereRaw which causes a database error if the configuration uses a prefix

* Auto incrementing through the API
2018-01-03 17:24:32 -08:00
Daniel Meltzer f16ce09a7a Importer again (#4702)
* If a user id is provided in the name column of an import, we should assume that it is a user id and check out to it.

* Fix build of vue files.  The location is public/js/build, not public/build

* Ensure a status type is set before allowing submission of an import.

Also expand the status text label to change color based on success/failure.

Fixes #4658

* Use right key to lookup emails when importing users.  Fixes 4619.

* Import serial for components, and make unique matches based on the serial as well as the name.  Fixes #4569

* Set the location_id when importing an item properly.

This moves as well to using the Asset::checkout() method, which should consolidate the logic into a useful spot.
Fixes #4563 (I think)

* Production assets.

* Case insensitive field map guessing and repopulate when changingin import type.
2017-12-28 20:08:45 -08:00
snipe c3a44f25fd Fixed #4663 - duplicate manufacturer name in selectlist 2017-12-20 12:32:55 -08:00
snipe d2e2c1c05f Stub and 404 registration routes 2017-12-19 22:14:51 -08:00
snipe b716db225f Added “new” buttons for manufacturer and category in asset model creation 2017-12-19 20:30:46 -08:00
snipe 7a8c8233a2 Fixes #4639 2017-12-15 18:54:38 -08:00
snipe f1a911d305 Fixed ambiguous query on non-super admins with FCS 2017-12-12 21:14:12 -08:00
snipe 608bb1b5b1 Fixed #3416 - bulk delete asset models 2017-12-12 09:10:05 -08:00
snipe 1ef44721f5 Improved - disallow delete if not elgible in UI 2017-12-12 07:03:31 -08:00
snipe 528630a8d3 Improvement - make asset, etc totals in company listing sortable 2017-12-12 07:03:09 -08:00
snipe 856a760d89 Improved - disallow deleting manufactureres if there are associated items
This is enforced on the backend - UI imorovement only
2017-12-12 06:52:50 -08:00
snipe 9179b6d9c4 Improved - disallow delete through the GUI if asset model has assets associated
(We prevent this on the backend anyway, but this makes for nicer UI)
2017-12-12 06:49:04 -08:00
snipe 4ce91a4f5d Fixed namespace gate for components - related to #4282 2017-12-12 06:26:37 -08:00
snipe aff93d8f2b Fixed #4589 - Licence deployed to asset issue 2017-12-12 05:43:06 -08:00
snipe 612f23f6e0 Added #2893 - track changes on asset edits 2017-12-12 04:59:28 -08:00
snipe 9fe2a7f81d Removed duplicate log entry on asset creation 2017-12-12 03:39:55 -08:00
snipe c816870083 De-norm last audit date so we can display it in the asset listing 2017-12-12 03:03:43 -08:00
snipe c5c46b7283 Removed duplicate deleted logaction
This is handled via observers now
2017-12-12 02:32:45 -08:00
snipe 5b00a8ae33 Use specific company_id column name in user search 2017-12-11 22:50:55 -08:00
snipe f90271dae5 Aaaaand one more for #2810. Sigh. 2017-12-08 14:33:12 -08:00
snipe e1423bd9d9 One more fix for #2810 2017-12-08 14:02:27 -08:00
snipe 3df62a200f Fixed manufacturer gates 2017-12-08 13:16:37 -08:00
snipe 4898dd8e23 Use ImageUploadRequest $request on user profile update 2017-12-06 14:42:14 -08:00
snipe a090b6a9d2 Use ImageUploadRequest 2017-12-06 14:38:01 -08:00
snipe dfb0c09c51 Fixed #4581 - renamed print method 2017-12-06 11:17:42 -08:00
snipe 83547e3fed Prepopulate ther groups array on create 2017-12-05 18:17:11 -08:00
snipe 29a36b5d1c Do not allow null id on group edit 2017-12-05 16:49:26 -08:00
snipe a19cef07bf Check for gate on license key display 2017-12-05 16:26:23 -08:00
snipe c39e6d7006 Fixed #4576 - licence checkout gate 2017-12-05 15:04:10 -08:00
snipe 438f484d68 Removed duplicate purchase cost column 2017-12-05 14:03:08 -08:00
snipe f95d780fcf Include purchase cost column if depreciation is selected 2017-12-05 14:02:43 -08:00
snipe 76fe2af0af Fixed #4444 - Added EOL back into asset lsiting and custom report 2017-12-05 13:03:11 -08:00
snipe e490185533 Fixed EOL in custom report 2017-12-05 12:54:19 -08:00
snipe deba4d2b81 Added consumables tio printable output 2017-12-05 12:37:42 -08:00
snipe a8cc29f062 Added #2562 - print view of all assigned inventory 2017-12-05 12:34:16 -08:00
snipe 7efa7ec03f Starter print template for all assets assigned to a user 2017-12-05 01:55:24 -08:00
snipe 9eef7a94ab Fixed #4557 - added missing fields in components/consumables list view 2017-12-05 00:40:30 -08:00
snipe d7f2bceea2 Fixed incorrect property on supplier 2017-12-04 20:45:20 -08:00
snipe fdaa279930 Fixed #4548 - add cateory to model dropdown 2017-12-04 20:19:30 -08:00
snipe ec4bed436c Fixed #4565 - show manufacturer in models selectlist 2017-12-04 19:52:18 -08:00
snipe 9deafd771e Fixed bad suppliers error route 2017-12-01 20:28:37 -08:00
snipe cbc09f3a12 Fixes #4508 - adds image to location view (and google map, if address and API key exist) 2017-12-01 19:12:35 -08:00
snipe 8b4c85d69a Removed verbose logging 2017-12-01 16:56:50 -08:00
snipe 78a51d3675 Additional fixes, improvements for custom report 2017-12-01 16:51:38 -08:00
snipe 14874d8e8a Fixes #4495 - missing field in Download CSV, added filter options on custom report 2017-12-01 14:47:52 -08:00
snipe ff793f1cb5 Added variable to determine if “new” modal button should be displayed 2017-12-01 14:37:11 -08:00
snipe 8140bdaa88 Fixed repeated header issue in asset export 2017-12-01 14:25:32 -08:00
snipe cefdca3d22 Fixed incorrect has vs input 2017-11-30 13:40:26 -08:00
snipe d3864db5e1 Switched to use $request from Input:: facade 2017-11-30 13:32:00 -08:00
snipe ea2f7617df Validate checkout_to_type on asset checkout 2017-11-27 21:20:12 -08:00
snipe b6c258bb12 Redirect to back on bad checkout 2017-11-27 21:19:50 -08:00
snipe 804b49cefb Make sure the asset is available for checkout before displaying the checkout screen 2017-11-27 21:18:29 -08:00
snipe 305b0d8edb Fixed #4522 - properly check for valid target, throw error otherwise 2017-11-27 21:17:58 -08:00
snipe 05996019e5 Use asset checkout request in API 2017-11-27 21:17:16 -08:00
snipe a7e12931fa Check that assigned is an object in reports controller 2017-11-22 18:42:17 -08:00
snipe 6f3a90c48b Check that the assigned data is valid 2017-11-22 15:07:34 -08:00
snipe 8f160a8590 Fixed CSV asset export missing checked out to info 2017-11-22 13:05:48 -08:00
snipe 2278d5bfd8 Fixed restore permission to assets API disable delete/checkin/checkout on deleted assets 2017-11-22 10:35:24 -08:00
snipe 8562f018ed Fixed - conflicting error when a user and asset were both checked out 2017-11-22 07:31:38 -08:00
snipe d98d06377e Fixed #4098 - autolink URL and email addresses in listing 2017-11-21 22:34:53 -08:00
snipe 22fdd05314 Add UTF charset 2017-11-21 22:34:07 -08:00
snipe 0adebd1ec8 Add sorting and additional category types to dashboard categories
BREAKING CHANGE: Category type now reports as `category_type`, instead of `type`
2017-11-21 20:33:30 -08:00
snipe 43c1e893c0 Fixed #4494 - use audit settings for asset audit pre-populaton 2017-11-21 20:13:51 -08:00
snipe 4696e799ed
Fixes #4491 and #4483 - handle pre-selected asset on checkout, better checkout-to selection UI (#4501)
* Added form checkout selector partial

* Stupid stash

* Added radio button checkout selector javascript

* New compiled production assets

* Added $style override in form partials for select2 ajax lists

* Added checkout-to radio button selector

TODO: Fix for accessibility - currently cannot tab-select this radio button

* Added new checkout-to selector to hardware edit

* Added new checkout-to selector to asset checkout form

* Refactored postCheckout to use radio button submission

This defaults to user checkout if nothing is passed for some reason

* Better visual feedback on whether or not an asset is deployable in edit screen
2017-11-21 15:58:31 -08:00
snipe 17405f5de1 Fixed #4413 - Next license seat not bering assigned correctly 2017-11-20 19:21:05 -08:00
snipe 7321c5937f Fixed #4440 - allow username search in asset dropdown 2017-11-16 16:49:16 -08:00
snipe ce525c1985 Fixed #4471 - removed gate for categories selectlist 2017-11-16 13:48:38 -08:00
snipe ba38b841cb Constrain accessory by category ID if one is passed 2017-11-14 16:47:21 -08:00
snipe 498fc3762d Fixed #4437 - pagination for maintenances 2017-11-14 01:32:25 -08:00
snipe 0396267388 Fixed #4412 - use select2 ajax list for asset maintenances 2017-11-12 17:22:16 -08:00
snipe 7eef1b4bcf Fixed #4418 - order models by name asc in selectlist 2017-11-10 15:56:14 -08:00
snipe 6852b74317 Removed gates from selectlist method 2017-11-09 10:51:55 -08:00
madd15 172c7c75a8 Fixed #4374 - Add option to display company names to labels (#4405)
* Migration - Labels Display Company Name setting

* Add Company Name to Labels

Add company name if it is turned on in settings and asset has a valid company

* Add Company Name checkbox to Label settings

* Add Company Name Lang

* Add display company name to postLabels

* Revert Add Company Name Lang

* Fix display company name in postLabels

* Change tinyInt to boolean for display company name

* Simplify checking for company and getting the name

* Change to square brackets for array notation

* Move divs inside if statements on optional fields
2017-11-08 20:05:39 -08:00
snipe b567ffdcfe Fixed #2855 - checkin for components 2017-11-08 06:06:05 -08:00
snipe 35ee52212f Added ability to disable the alert icon in the top menu 2017-11-08 03:08:17 -08:00
snipe a3e80882c1 Better error handling for qr codes on invalid assets 2017-11-08 01:04:14 -08:00
snipe 74773ac912 Fixed incorrect policy reference in consumables listing 2017-11-07 23:05:29 -08:00
snipe 9764d2ad24 Removed commented code 2017-11-07 22:25:32 -08:00
snipe d03b8c6528 Error handling for when log ID has no match on asset accept 2017-11-07 22:25:24 -08:00
snipe 5aee5a3f3d Update location on checkout, error if bad target 2017-11-07 17:37:08 -08:00
snipe 9d7455f022 Fixed handling deleting old images better 2017-11-07 11:28:13 -08:00
snipe b748e7ed5e Fixed transformers to use new singleton upload urls 2017-11-07 11:11:47 -08:00
snipe 579334b5fc Fixed - name should always be required in custom fields 2017-11-06 20:05:40 -08:00
snipe dc32e4bdb0 Fixed form request ffor custom fields 2017-11-06 16:42:37 -08:00
snipe 6ece593629 Fixed #4381 - asset uploads 2017-11-06 12:38:31 -08:00
snipe 2b3b2e3197 Removed presenter references in custom report 2017-11-06 10:44:57 -08:00
snipe a9d9234fb3 One more fix for custom reports 2017-11-06 10:44:18 -08:00
snipe 936ff707c7 Fixed custom report bug if assignedTo has no value 2017-11-06 10:42:34 -08:00
snipe 04ab522ee3
Fixes #4236 - validate the regex custom validation (#4380)
* More helpful text on how the custom validator works

* Clarified language of custom format, fixed regex example

* Fixed regex example in placeholder

* Added comments to custom fields

* Added regex validation string

* Added valid_regex validator in format requirements

* Removed useles comments

* Fixes #4236 - validate the regex custom validation
2017-11-04 17:06:14 -07:00
snipe fe06ef10f1 Set the items array variable for no results 2017-11-04 01:23:50 -07:00
snipe 2de0a3669e Check that there is a valid array before unshifting 2017-11-04 01:11:11 -07:00
snipe d68d95a915 Fixed - Added a “clear selection” option to select2 ajax lists 2017-11-04 00:19:16 -07:00
snipe d7f8615964 Fixed query for location ID 2017-11-03 20:10:36 -07:00
snipe cc7be5f947 Added location to checkout in API 2017-11-03 19:42:45 -07:00
snipe 5b489e003d Set the location_id on save/update to rtd if one is given 2017-11-03 19:41:26 -07:00
snipe 8c1f4b006e Removed comment 2017-11-03 19:40:55 -07:00
snipe 3a52c19428 Updated fieldname in Locations transformer and API 2017-11-03 19:40:40 -07:00
snipe c06539dee3 Update the location ID if there is an rtd_location given 2017-11-03 17:36:18 -07:00
snipe b3b8ab493e Switch to the reply_to address 2017-11-03 14:58:49 -07:00
snipe 6fb0ef908d Fixed issue sorting when viewing users by department 2017-11-03 14:29:04 -07:00
snipe 85360a7c7f Removed gates on selectlists
They can’t access the API directly unless they have been granted API accesses anyway
2017-11-03 13:03:57 -07:00
snipe 416455fe01 Fixes weird manager_id validation
This is a shit fix - need to find out what’s happening here.
2017-11-03 12:48:00 -07:00
snipe 3ecaa99990 Fixed only undeployed assets in checkout to list 2017-11-03 11:33:36 -07:00
snipe 0c794c103b Return an integer value for free seats if null 2017-11-02 20:23:04 -07:00
snipe 53175d5035 Fixed sorting issue on company/manufacturer/supplier 2017-11-02 20:01:39 -07:00
snipe 0bd09f9c46 Added sorting on available and total seats 2017-11-02 19:37:30 -07:00
snipe 27d795508d Fixed n+1 query, changed checkout behavior to just ask for a license ID
We’re offloading the freeSeat() to the checkout page now
2017-11-02 19:16:09 -07:00
snipe 368ac5b85d First stab at handling the n+1 issue on licenses 2017-11-02 18:20:42 -07:00
snipe f47075c180 Removed depreciation from Licenses transformer 2017-11-02 17:18:53 -07:00
snipe 85624205b4 Updated Lang::get to trans 2017-11-02 17:12:51 -07:00
snipe c9c5ce6ee0 Return Deleted User if the user is invalid for some reason 2017-11-02 16:20:01 -07:00
snipe 28a4293a0b Fixed #4370 - user’s listing flashing then no results 2017-11-02 11:19:34 -07:00
snipe f095f1807c Eager load userloc 2017-11-02 11:06:15 -07:00
snipe e08911ab8f Removed nonce for now
There is a dependency in a package where we can’t edit the script tags to add the nonce
2017-11-02 10:57:05 -07:00
snipe ca6dc5c2b5 Eager load user location 2017-11-02 10:56:36 -07:00
snipe f43692938b Fixed slug call in asset models image 2017-11-02 08:02:51 -07:00
snipe da56a253bc Added checkout requests method 2017-11-02 04:21:57 -07:00
snipe a844d5b018 Added pagination, nicer formatting for requested assets 2017-11-02 04:17:14 -07:00
snipe 4f008e118f Fixed search string on suppliers selectlist 2017-11-01 21:55:17 -07:00
snipe e11f9313f0 Fixed #4360 - better output if backup fails 2017-11-01 14:12:18 -07:00
snipe d36e8cfbd2 Dashbpoard pie fixes 2017-11-01 13:27:59 -07:00
snipe 4cdcbc97ee Fixed varname issue on old image delete for manufacturers 2017-11-01 13:10:56 -07:00
snipe feb2f5b076 Fixed #4356 - removed reference to old assetloc 2017-10-31 18:20:03 -07:00
snipe 37868cd70e Added warranty and expiration to list view 2017-10-31 07:05:15 -07:00
snipe 32b2f77ad9 Fixed issue where we tried to call the audit log even if the asset wasn’t valid 2017-10-31 05:41:06 -07:00
snipe 472a5b9f69 Removed extra log on API asset create 2017-10-31 05:38:52 -07:00
snipe 121e158f39 Change method name from userloc to location
This needs to be changed in more places though
2017-10-31 05:22:57 -07:00
snipe f4e7bfc28d Null custom field if field exists but is empty 2017-10-31 05:22:21 -07:00
snipe 0f4c05c5d0 Remove commented code 2017-10-31 05:02:46 -07:00
snipe 7f1b7be416 Rolling back prepending models to sort 2017-10-30 21:26:25 -07:00
snipe 02720f225c Fixed sorting issue in asset models when ordering by manufacturer 2017-10-30 20:51:01 -07:00
snipe 546c3e50fa Fixed updating the assigned assets location if user’s location changes 2017-10-30 19:33:52 -07:00
snipe 7f1b962e56 Improved use of de-normed locations fields 2017-10-30 19:21:35 -07:00
snipe 4eee7f8d97 Added address for users - fixes #4323 2017-10-30 18:57:00 -07:00
snipe 0fd0e3a8b4 Returns null for order number if it’s blank 2017-10-28 15:53:22 -07:00
snipe 9687a78981 Fixed a few inconsistencies in the API results (null vs empty string) 2017-10-28 15:17:36 -07:00
snipe 39c68214e9 More ajax menu fixes 2017-10-28 11:17:52 -07:00
snipe 6a3716a06d Added new ajax dropdown menus for components, consumables, etc editing/creating 2017-10-28 09:21:39 -07:00
snipe 2172e6cc25 Added suppliers ajax list 2017-10-28 08:37:47 -07:00
snipe 108ac79442 Added update to asset location id on checkout/checkin 2017-10-28 07:38:36 -07:00
snipe bd48ae96c2 Update location on checkin if one is given 2017-10-28 07:28:35 -07:00
snipe 03f6211582 Make notes null if empty 2017-10-28 07:01:06 -07:00
snipe 4f1747023a Seed with demo images 2017-10-28 05:46:43 -07:00
snipe 5278dac2b0 Eager loading assignedTo - I have no idea why this works 2017-10-28 03:50:02 -07:00
snipe 890012f6c4 Update references to assetloc to location 2017-10-28 02:58:38 -07:00
snipe 3991f79115 Use new location method for hardware view 2017-10-28 02:37:59 -07:00
snipe df430a2263 Removed assignedTo eager load for now - it’s not working 2017-10-28 02:31:36 -07:00
snipe 277e49468b Added deleted at to API 2017-10-28 02:31:13 -07:00
snipe d76f858dcd Try eager loading assignedTo 2017-10-28 01:50:58 -07:00
snipe 7a543fa6d5 Use new location method on asset API 2017-10-28 01:49:13 -07:00
snipe f49ecbdb61 Code cleanup 2017-10-27 18:01:42 -07:00
snipe b1ac024725 Refined upload code 2017-10-27 17:40:10 -07:00
snipe ec68bd7842 Small refactoring for code quality 2017-10-27 17:38:11 -07:00
snipe 0788347990 Cleaned up status label method 2017-10-26 22:49:57 -07:00
snipe 7496a902bd Removed unused getDataView controller method
This is all API based now
2017-10-26 22:39:41 -07:00
snipe f2d04be8fe Remove unused methods in Settings API controller (for now) 2017-10-26 22:35:01 -07:00
snipe f2499fc7d2 Removed else condition on custom fields API for code quality 2017-10-26 22:33:40 -07:00
snipe 00d910ddbc Added manufacturers and categories select lists 2017-10-26 22:09:08 -07:00
snipe a99e09e5e3 Removed extra with() calls, since we load those up via the select2 lists now 2017-10-26 21:50:27 -07:00
snipe 7d11cb0748 Added selectlist transformer for select2 API calls 2017-10-26 21:50:01 -07:00
snipe bdb95e4e3d Added companies ajax select2 endpoint 2017-10-26 16:37:41 -07:00
snipe ea07517ad5 Added more ajax select2 boxes to checkouts, remove helper ->with() methods 2017-10-26 03:43:28 -07:00
snipe 82690e1fd7 Integrate ajax select2 menus in all asset checkouts 2017-10-26 02:28:17 -07:00
snipe 75b527ab59 Features/image uploads (#4320)
* Locations API support for image

* Added manufacturers API support for image

* Added manufacturers API support for image

* Added image support for locations add/update

* Added manufacturer image upload support to controller

* General image string

* Added blade support for image uploads/delete image

* Added $request support (from Input::)

* Added image support in API transformers

* Added image to Manufacturers presenter for data table

* Migration to create image fields

* Ignore the contents of the new image directories

* Create new image upload directories

* Created components/consumables uploads directory

* Fixed missing textSearch scope from companies

* Added ignore for companies uploads directory

* Added blade support for image upload

* Fixed path to upload directory on edit

* Added company image upport to transformers, controllers

* Added image support for categories

* Added support for images in Departments

* Added support for image in Consumables

* Added image support for components
2017-10-25 22:35:58 -07:00
snipe b083541723 Fixed docblock copypasta 2017-10-25 20:23:59 -07:00
snipe 0d34cc704a Added controller for state-saver for sidenav 2017-10-25 20:10:59 -07:00
snipe 17d58d9cc5 Added snazzy rich user selection menu
TODO:
- Abstract this out so it can be used by other select2 menus
- Write a select2 transformer to standardize output
2017-10-24 19:24:35 -07:00
snipe e0fe383815 Removed debug message in SaveUserRequest 2017-10-24 19:18:53 -07:00
snipe 7140efc561 Use the transformers, Luke 2017-10-24 19:18:20 -07:00
snipe 99be54fd96 Fixed success message on saving new user 2017-10-24 19:17:30 -07:00
snipe 8a9960f830 Fixed missing break that would override password requirement 2017-10-24 16:56:46 -07:00
snipe dc805dd9b1 Added user avatars to listing 2017-10-24 09:51:07 -07:00
snipe 7d64ab3158 Fixes #4294 - pass correct group ID for group user listings 2017-10-24 04:39:47 -07:00
snipe fc644925ea Fixes #4291 - adds phone to user listing 2017-10-23 14:21:51 -07:00
Brady Wetherington 8ac57d0121 Need to prefix status_id with assets. for uniqueness (#4279) 2017-10-20 17:37:46 -07:00
snipe 22e13cd4d2 Allow sorting on asset counts, disable delete button if the user has items checked out to them 2017-10-19 17:15:21 -07:00
snipe 4215a3257b Fixes #1044 - adds suppliers and image to accessories (#4266)
* Ignore accesories uploads

* API: Allow searching accessories by supplier id

* Adds suppliers and image upload to accessories

* Allow sorting by counts for suppliers

* Validate supplier image uploads

* Remove purchase_date from protected accessory array, it was converting it to datetime in datepicker
2017-10-19 16:25:24 -07:00
snipe 1f247ff541 Don’t let the user checkout an asset to itself
(We should consolidate that AssetCheckoutRequest for the API)
2017-10-19 15:51:55 -07:00
snipe e185dc68af Fixes #4240 - allows admins to use custom password reset URL 2017-10-19 12:22:27 -07:00
snipe 54000ff69f Allows sorting by number of assets, etc in category 2017-10-19 11:48:09 -07:00
snipe 7e8d670f81 Disable delete buttons if there are assets, etc 2017-10-19 11:41:35 -07:00
snipe a9753eb646 Include asset count in status labels overview 2017-10-19 10:48:15 -07:00
snipe 707c4db881 API: Check there are no assets associated before allowing delete 2017-10-19 10:39:08 -07:00
snipe d1de34394e Removed stupid count method 2017-10-19 10:37:30 -07:00
snipe 7153013fb0 Fake sending the test email if the app is in demo mode 2017-10-19 08:33:46 -07:00
snipe 2b826c3adc Merge branch 'features/mail_test_button' into develop 2017-10-19 08:19:24 -07:00
snipe cd193ce8bb Fixes #4036 - adds test email button to general settings 2017-10-19 08:18:56 -07:00
snipe cb50142ba3 Update @thakilla as a contributor 2017-10-19 06:16:03 -07:00
Nicolai Essig 4bc551db82 ref #4042 scale barcode with label size (#4258) 2017-10-19 06:08:01 -07:00
snipe ae567c08db Fixes incorrect language reference for consumables on checkout if consumable doesn’t exist 2017-10-19 03:44:01 -07:00
snipe 13586be6b0 Fixed load error if license is invalid 2017-10-19 03:37:27 -07:00
snipe 4d3d19ca2b Fixes older route reference in consumables 2017-10-19 02:07:31 -07:00
snipe c5893b4445 Fixes #4249 - display deployed location in listing 2017-10-19 01:30:40 -07:00
snipe 3b012f2827 Some advanced search query tweaks 2017-10-18 10:07:35 -07:00
snipe 5519e2d4ae Fixes custom fields sorting on asset listings
I need a silkwood shower :(
2017-10-18 09:27:34 -07:00
snipe a3139c6fc6 Fix accessories route for invalid accessory ID 2017-10-18 08:53:25 -07:00
snipe c0e50be03e Duh. Helps if you actually assign the array first. 2017-10-18 08:45:05 -07:00
snipe 447833c996 Only try to process model bulk editing if at least one model was selected 2017-10-18 08:15:54 -07:00
snipe 68f6385eba Fixes 500 in bulk checkout if no asset is selected 2017-10-18 07:15:16 -07:00
snipe d9135a8aac Disallow deleting suppliers with associated assets, licenses or maintenances 2017-10-18 05:47:20 -07:00
snipe eedbe468ac Fix licenses not saving supplier id on edit 2017-10-18 05:43:15 -07:00
snipe ea63ced2bd Fixes table alias bug in complex queries for Laravel 2017-10-18 01:21:08 -07:00
snipe c069829b33 Fixes #906 - groups view 2017-10-17 21:43:57 -07:00
snipe dea42db18b Reversed order of withTrashed for deleted asset QR codes 2017-10-17 16:21:50 -07:00
snipe a1f5e11517 Fix for broken QR code on deleted assets 2017-10-17 16:01:53 -07:00
snipe 160fd1c86a Added setting to let admin decide whether footer text should link back to site 2017-10-17 13:54:03 -07:00
snipe b46cbac911 Fixes #4230 - adds model name and manufacturer to emails 2017-10-17 13:30:32 -07:00
snipe e9c3d6bfb7 Full text search fixes - addresses laravel bug :( 2017-10-17 12:48:18 -07:00
snipe e7fe91c9d4 Depreciation view 2017-10-17 11:20:05 -07:00
snipe cbe008d52f Fix assetLoc to assetloc because reasons? 2017-10-16 09:08:08 -07:00
snipe 45c2af80a3 More LDAP testing US refinements 2017-10-16 09:00:51 -07:00
snipe 1fbf3753bc More small LDAP test improvements 2017-10-16 07:07:21 -07:00
snipe bcf435f625 Try for better error reporting on LDAP fail
Sorry for all the commits on this - my local LDAP isn’t working and I can’t figure out why, so no easy way to test locally
2017-10-16 06:46:33 -07:00
snipe b107280b7b Slightly nicer UI for LDAP login test 2017-10-16 06:39:36 -07:00
snipe f1a6926ad9 LDAP test login 2017-10-16 06:34:04 -07:00
snipe ba7b9d8168 Removed stray foo 2017-10-16 05:54:33 -07:00
snipe 59a126c47c Small tweaks to LDAP test 2017-10-16 05:52:18 -07:00
Daniel Meltzer 22e9246031 Fix more old routes. Should fix #4216 (#4217) 2017-10-15 23:32:40 -07:00
snipe 6d4574130f Clearer indication of whether or not the user will be emailed a eula 2017-10-11 14:44:25 -07:00
snipe b6a1e0d12f Call migrate before passport install 2017-10-11 12:42:31 -07:00
snipe f56eb16941 More specific order by clause for drilling down on order number 2017-10-11 12:29:08 -07:00
snipe 64e7ab3a12 Fixes #4182 - empty names for assets when checking out to asset 2017-10-11 01:31:37 -07:00
Richard Hofman adca7cb0c5 Fix LDAP location sync issue in #3993 (#4181)
* Ensure locations with the most specific OUs take precedence during user assignment.

* Save 'ldap_ou' Location attribute during creation.
2017-10-09 13:06:47 -07:00
snipe a69a939034 Small barcode tweaks 2017-10-07 07:15:28 -07:00
snipe 834c6ad8f9 Removed extra space 2017-10-07 06:56:47 -07:00
snipe 2ce48fbc7e Use components transformer in API method 2017-10-07 06:56:39 -07:00
snipe 5d18937e94 Standardized component API output 2017-10-07 06:56:18 -07:00
snipe b3186ba5ea Removed old getDataTable methods
These are no longer used because of the API
2017-10-07 06:56:02 -07:00
snipe e2f4685a55 Added notes back to list view 2017-10-07 03:36:50 -07:00
snipe 282b3b5b0a Remove catch-all “deployed” from pie chart 2017-10-06 18:41:10 -07:00
snipe 1dcff8d463 Remove eager loading on pie
This was causing memory issues for large asset sets
2017-10-06 18:15:01 -07:00
snipe e461c25428 Apply model image fix to update method 2017-10-06 17:03:51 -07:00
snipe 554ea8bb95 Fixed asset model image validation 2017-10-06 16:56:43 -07:00
Richard Hofman f2be409914 LDAP sync improvements and DB query fix. (#4148)
* Set 'ldap_ou' Location field to NULL when an empty string is submitted.

* Consolidate LDAP user import logic in LdapSync.php.
2017-10-06 16:15:14 -07:00
snipe f66e222f3d Fixes #4132 - associated accessory users 2017-10-03 21:03:00 -07:00
snipe 6dd4282f1f Fixes #4130 - show deleted asset models 2017-10-03 17:53:08 -07:00
snipe 3f44987799 Small logo size tweaks 2017-10-03 14:15:03 -07:00
snipe 512632ce60 Make the export button contextual for requested status 2017-10-03 12:50:18 -07:00
snipe 54671af7f0 Small export assets fix 2017-10-03 11:49:41 -07:00
snipe 8e73cacf4e Fixes custom report to include assigned to names, etc 2017-10-03 10:38:28 -07:00
snipe 8a7abba427 Slash url 2017-10-02 17:21:18 -07:00
snipe 9df648b428 Fix Session path 2017-10-02 17:19:22 -07:00
snipe ff38cdd09b Comment out the nullable middleware until we have a chance to check all model validators 2017-10-02 16:36:43 -07:00
snipe 59225701b5 Redirect to previous after login 2017-10-02 16:00:42 -07:00
snipe aab635154a Default to turning CSP off until we can fix vue/CSP issues 2017-10-02 13:29:14 -07:00
snipe e26d038589 Fixed license checkin form UI 2017-10-01 15:08:32 -07:00
snipe abe19a6311 Merge branch 'develop' of github.com:snipe/snipe-it into develop 2017-10-01 14:33:02 -07:00
snipe 07359c76ad Fixes #4094 - more nullables 2017-10-01 14:32:47 -07:00
Daniel Meltzer c2616412c0 Add laravel routes to javascript (#4092)
* Add laravel routes to javascript

This will clean up a lot of passing of urls.  Adds a route() helper and
everything...

This commit also moves the customfield fetching to only be fetched once
and shared with each file, rather than once for each file.

* Try to fix travis unit test things.

* Downgrade doctrine/inflector for php5

* Attempt to occasional seeder issues on travis if the asset does not generate validatable data.

* Update sql dump for functional tests.

* Try to fix api tests.
2017-10-01 12:59:55 -07:00
Daniel Meltzer 23ca2d9a0b Minor fixes (#4091)
* Fix old urls.

Still had some /admin/ urls floating around, which was causing bad
redirects in some instances.  Should fix #4085

* The modal seems to be confusing license upload. be more explicit in the route we redirect to.

* Fix #4039.  Use proper methods for location assets.

This also fixes a bunch of n+1 issues in the transformer.  Also: curious
to know what Location::assets() does, because it doesn't do what I want
it to :)
2017-10-01 12:57:04 -07:00
Daniel Meltzer 655ca78633 Adjust the import controller to return a url to the process path to enable processing an uploaded file without refresh. (#4080) 2017-09-29 17:49:35 -07:00
snipe 9301c56a77 Fixes #4069 - include request handler 2017-09-29 16:17:35 -07:00
snipe 43ff66e4d9 More UI tweaking for meta statuses 2017-09-29 15:24:33 -07:00
snipe fe1975067a Hopefully clearer status label meta info 2017-09-29 12:03:02 -07:00
snipe efd71f8bfe For #3998 - Disable CSP if debug=true
To avoid all the nonce hell from debugbar
2017-09-29 04:53:09 -07:00
snipe 05a8ba9a8e Fix weird url if license checkout fails 2017-09-29 04:37:33 -07:00
snipe 9ce2d1f560 Merge branch 'csp-middleware' into develop 2017-09-29 04:14:33 -07:00
snipe faf3802971 Fixes #4011 - do not send email to user on license checkout 2017-09-29 02:00:49 -07:00
snipe aab409dec2 Fixes #4061 - bulk checkout error 2017-09-28 22:22:21 -07:00
snipe 4d32f2b337 Fixes #4059 - accessories view 2017-09-28 21:18:00 -07:00
snipe 0e29744ec2 Don’t try to send an email if the user doesn’t have an email address 2017-09-28 20:57:33 -07:00
snipe 51236a2ad9 Fixes #4056 - check for assets before deleting user 2017-09-28 19:57:52 -07:00
snipe 46d87849f4 Added content security middleware 2017-09-28 19:45:15 -07:00
snipe b60febeea2 Removed space in XSS header because safari was getting angry 2017-09-28 18:45:54 -07:00
snipe 9b84a0d516 *eyeroll* 2017-09-28 17:34:47 -07:00
snipe 1775995f26 Is this space necessary? Getting weird results from netsparker 2017-09-28 17:25:04 -07:00
snipe 26a7701cda Added referrer-policy header 2017-09-28 17:12:58 -07:00
snipe a34085f1d9 Added mode=block to XSSProtect header 2017-09-28 16:28:27 -07:00
Daniel Meltzer af19e5d976 Fix old route (#4053)
Looks like we missed in the v4 port.  Fixes the unrelated issue in #4052
2017-09-28 16:02:50 -07:00
snipe 3d7277398c Fixes #4057 - sig file in lightbox 2017-09-28 15:13:05 -07:00
snipe ac83dba2bb Fixes #4034 - save login note 2017-09-27 16:35:54 -07:00
snipe fc96fa756e Fix redirect default on password reset 2017-09-27 16:23:21 -07:00
snipe ea9a502152 Added empty regsitration controller
When using the default Laravel auth routes, it expects a registration controller, even though we don’t have a concept of registration. This blank controller just prevents route caching from throwing errors.
2017-09-27 16:23:01 -07:00
snipe ec8a3d2e56 Fixes #4027 - proper redirect on fieldset delete 2017-09-27 16:02:29 -07:00
snipe ecf041fa10 Fixes #4043 - standardize groups API response 2017-09-27 15:18:29 -07:00
snipe 0ab9bc1db8 Added normalization midddleware, removed 2017-09-27 15:18:05 -07:00
snipe e91a537552 Use more modern Request handler 2017-09-27 14:50:48 -07:00
snipe bd0498aa69 Fixes #4016 - signature file missing from history tab 2017-09-27 12:58:08 -07:00
snipe e27e1a78c3 Fix for case where a fieldset is assigned to a model, but no fields are assigned 2017-09-26 16:01:23 -07:00
snipe f2ee7dcabb Fixes #4001 - license checkout not working 2017-09-25 21:40:43 -07:00
snipe 26203801f6 Fixes #4009 - zip not populating on locations listing page 2017-09-25 20:45:05 -07:00
snipe c3afbc0e53 Run backups before purging and importing 2017-09-25 15:00:23 -07:00
snipe 38326314ca Merge branch 'develop' 2017-09-25 11:53:33 -07:00
snipe 865950e766 Fixes #4000 - user_id blank 2017-09-25 11:53:10 -07:00
snipe 34dfcb5add Merge branch 'develop' 2017-09-22 17:23:38 -07:00
snipe 30019a144a Disable login note editing on demo 2017-09-22 17:23:22 -07:00
snipe b29d7beb3a Merge branch 'develop'
# Conflicts:
#	.gitignore
#	Dockerfile
#	README.md
#	app/Http/Controllers/AccessoriesController.php
#	app/Http/Controllers/AssetMaintenancesController.php
#	app/Http/Controllers/AssetsController.php
#	app/Http/Controllers/ConsumablesController.php
#	app/Http/Controllers/GroupsController.php
#	app/Http/Controllers/LicensesController.php
#	app/Http/Controllers/ReportsController.php
#	app/Http/Controllers/UsersController.php
#	app/Http/routes.php
#	app/Models/Depreciation.php
#	app/Models/Location.php
#	config/version.php
#	resources/views/account/view-assets.blade.php
#	resources/views/hardware/edit.blade.php
#	resources/views/hardware/view.blade.php
#	resources/views/partials/modals.blade.php
#	resources/views/reports/custom.blade.php
#	snipeit.sh
2017-09-22 16:12:18 -07:00
Daniel Meltzer 922d6937ae Custom field import repair (#3968)
* There is no notes field on accessories.  Fixes Importer Test.

* Fix notification test.  We should see a checkout not allowed exception when trying to check out to a location if the asset requires acceptance.

* Fix Custom field import.

Add a test for custom field import, and fix a few issues related to
importing custom fields.  This will restore v3 functionality.

* Add UI support for mapping custom fields.

This still requires the field mappings to be created/assigned in
advance, but will fetch all custom field names and allow them to be
selected when setting up custom field mappings.

This commit also updates laravel-mix to v1.4.3 and other node
dependencies to fix some build issues.

* Fix some requestable asset page/assetloc issues.  I'd love to know why laravel expections relationships to be in lower case... but thats a question for another day.
2017-09-18 12:29:08 -07:00
Iman ed4ea7f1f4 No new feature,No bug fix, Only refactoring (#3949)
* No change in logic !

Just exchanging the if and else code blocks and negating condition.

* remove unneeded else{} block

* Re-indented the code
2017-09-12 12:28:42 -07:00
snipe 81e358a01d Small maintenance fixes 2017-09-08 17:49:01 -07:00
snipe 47909b93f7 Fixed deleted users/restore users view 2017-09-06 17:11:43 -07:00
Daniel Meltzer 987536930c Assorted fixes (#3923)
* Fix some n+1 problems

* Use route in notification dropdown to make sure we link to correct page

* Work on better UI support for checkout to non-user.  Fix links on index bootstrap table, work towards eliminating assignedUser

* Remove Asset::assigneduser() relationship.  Instead add a checkedOutToUser() method and/or port to using assignedTo()

* Adjust string to fit new reality

* Fix #3780.  Move the consumables getDataView method to the ApiController.  Not entirely RESTful, but it's a weird method that probably doesn't need its own controller and the functionality would be strange to stack on the userscontroller...

* Fix file uploads to assets and restore the delete route.

* Add asset maintence edit action to index.

* Suppliers asset list should link to the related asset, not to the supplier with same ID.

* Asset models page should use polymorphic formatter on assigned to to better handle assorted item types.

* Comment out more assigneduser fallacy until we figure out the query builder approach to searching for location text.
2017-09-05 17:54:58 -07:00
snipe 761371509d Use notifiables for slack audit notification 2017-08-31 21:30:38 -07:00
snipe 0054ce3071 Fixes #3907 2017-08-31 13:45:48 -07:00
Daniel Meltzer bb874012d9 Progress towards better email notifications (#3911)
Working mail from notification.  Still requires testing/cleaning

Add tests around checkout notification.

This also removes the ability to check out an asset to a location|asset
that requires acceptance/a Eula.  For 4.1 we may think about how to
support such a thing, but at present it seems to make sense to only alow
such assets to be checked out to users, who can be responsible for the
items.
2017-08-31 11:14:21 -07:00
snipe 8d2c229bc3 Move LDAP validation into form request 2017-08-31 10:44:00 -07:00
snipe 48e6208214 Fixes #3907 - do not require username on user if LDAP import 2017-08-31 10:43:36 -07:00
snipe 22233e3ba6 Bulk asset audit form (needs more testing) 2017-08-29 16:00:22 -07:00
snipe e439f15a64 Fixed some date math for auditing 2017-08-28 17:20:20 -07:00
snipe e10cdd57a5 Removed old getassetloist method 2017-08-26 15:22:04 -07:00
snipe bf157773c8 Also related to #3888 2017-08-26 15:21:38 -07:00
snipe 51d74ac06d Auduting improvements 2017-08-25 18:40:20 -07:00
snipe 16f57e16cb Fixes #1190 - added basic audit workflow 2017-08-25 10:04:19 -07:00
snipe 52270fa4db Derp 2017-08-25 08:30:48 -07:00
snipe bf3731d65c Set default min password to 10 2017-08-25 08:23:23 -07:00
snipe 4721cab928 Grr. 2017-08-25 06:08:19 -07:00
snipe 08f3e78d26 Merge branch 'checkout-to-location-v2' of https://github.com/dmeltzer/snipe-it into dmeltzer-checkout-to-location-v2
# Conflicts:
#	app/Http/Controllers/Api/UsersController.php
#	app/Http/Transformers/LocationsTransformer.php
#	resources/views/locations/view.blade.php
#	routes/api.php
#	tests/_data/dump.sql
2017-08-25 06:04:22 -07:00
snipe 10711245ba Fixes #3792 - parent/child locations in API 2017-08-25 05:32:12 -07:00
snipe d23ea70b08 Added auth check back to asset store 2017-08-25 03:26:50 -07:00
snipe 659d953f3f Fixed custom error message for status labels 2017-08-24 22:40:07 -07:00
Brady Wetherington c1dcc22217 Refactor and improve Modal support for Assets (#3884) 2017-08-24 22:24:02 -07:00
snipe 6e30fa6922 Fixes custom fields in asset listing where no custom fields were assigned 2017-08-23 03:28:13 -07:00
snipe f119c69698 Possible fix for #3852 2017-08-22 22:46:02 -07:00
snipe 57f4c986af Enforce password complexity rules on new account password change 2017-08-22 22:41:35 -07:00
snipe a0cbca85bf Fixes for API calls for password complexity stuff 2017-08-22 21:15:35 -07:00
snipe 9bda62d295 ADDED: Password rules for complexity, min length, rejecting common passwords 2017-08-22 20:32:39 -07:00
snipe 1d7e243d0a Fixes #3790 - parent display on locations index 2017-08-22 15:02:31 -07:00
snipe 63bc2ec09f Fixes #3802 - make id an (int) in API repsonse 2017-08-22 14:53:48 -07:00
snipe 31516abef9 Fixes #3858 - use transformer for single listing categories 2017-08-22 14:26:08 -07:00
snipe d2535582f3 Fixes #3853 - added notes/zip to suppliers API response 2017-08-22 14:18:21 -07:00
snipe eaaea303f4 Fixes #3860 - return JSON instead of redirect in API delete dept call 2017-08-22 14:15:13 -07:00
snipe 8c5312b931 Fixes #3866 - weird API behavior in status label types 2017-08-22 14:10:54 -07:00
snipe 6310670835 Fixes #3869 - asset maintenances API endpoints 2017-08-22 13:52:06 -07:00
snipe 148d41d8dc Removes erroneous else 2017-08-22 12:22:32 -07:00
snipe 71c1c74164 Fixes #3085 - adds “change password” functionality back to user accounts 2017-08-22 12:09:04 -07:00
snipe 4576cb6f56 Merge branch 'develop' of github.com:snipe/snipe-it into develop 2017-08-10 14:38:08 -07:00
snipe 56f88d2c22 Fixes #3836 - Adds supplier to licenses column 2017-08-10 14:38:04 -07:00
gibsonjoshua55 c1d1cb8122 Address #3840 and fixes group transformation in UsersTransformer (#3841)
Removes the incorrect variable access in UsersTransformer of a users's
groups and adds an array of groups' ids and names to the return array.
2017-08-10 13:37:54 -07:00
snipe de18e2a887 Only bcrypt passwords on user save if the password value is passed 2017-08-08 14:41:58 -07:00
snipe 7da4fe4524 Fixes #3825 - allows fillables through location API 2017-08-08 12:36:28 -07:00
snipe 9bfd345774 Use Company transformer with payload 2017-08-03 19:55:08 -07:00
snipe df87c82ddc Fixes #3805 - add/update/delete methods for User API 2017-08-03 19:50:18 -07:00
snipe 3e8b7d9c94 Check for overall asset delete permissions before checking to see if the user can delete that specific asset 2017-08-03 19:49:41 -07:00
Jason Spriggs 7c4ee54f8b Fix #3803 - Return asset object instead of just id (#3811) 2017-08-01 20:01:11 -07:00
snipe 03f9d01aab Fixes #3775 - added missing created_at and updated_at fields 2017-07-29 17:01:03 -07:00
snipe a2d63dd3e4 Fixes #3776 - adds Company to Dept UI 2017-07-29 16:42:17 -07:00
snipe 0408509fdc Fixes #3777 - correct response for two_factor_actived for user API 2017-07-29 16:25:42 -07:00
snipe 5e47c18d68 Fixes #3786 - checkin/checkout to components UI 2017-07-29 16:13:17 -07:00
snipe 4e5cf531f7 Fixes #3799 - use transformers on show() method as well 2017-07-29 15:46:10 -07:00
snipe cb903ab9fd Fixes manager user->name to username in Users API 2017-07-26 08:51:16 -07:00
snipe 66d8308163 More compact payload for users API on location and manager 2017-07-26 08:47:54 -07:00
snipe 847262e989 Fixes #3774 - fixes for inconsistent API responses (‘’ vs null) and adds escaping 2017-07-25 23:40:30 -07:00
snipe 59006964d1 Fixes #3771 - adds username to API response on Asset API 2017-07-25 22:11:50 -07:00
snipe ac29b142dc Adds max thumbnail width to asset listings, settings 2017-07-25 19:36:38 -07:00
snipe 0fbf9236f4 Fixes #3742 - add employee number to asset listing
Also removes asset report, since it’s basically the exact same output as the asset listing
2017-07-25 01:17:23 -07:00
snipe 7510f9f128 Fixes #3753 - use route direction instead of URL 2017-07-17 16:42:39 -07:00
snipe 3eea1a23f8 Slug the filename
So upoloads with weird characters like parens don’t get hoarked when trying to delete
2017-07-14 02:38:13 -07:00
snipe 1fda4593c1 Update @gibsonjoshua55 as a contributor 2017-07-12 20:41:20 -07:00
snipe ad12a5ce11 Added store/update methods to custom fields API 2017-07-12 19:34:34 -07:00
snipe 5abe72ce02 Added whether the field is required to the custom fieldsets transformer 2017-07-12 19:23:54 -07:00
snipe 3e3276334b Added escaping to API output 2017-07-12 19:23:15 -07:00
snipe b13e04095e Removed commented code 2017-07-12 19:22:58 -07:00
gibsonjoshua55 3cfcc43efa Adds basic GET api support for CustomFieldsets (#3697)
* Adds basic GET api support for CustomFieldsets

Currently there is not support for getting what fields a given fieldset contains
from the API.  This commit creates a new API Controller for CustomFieldsets as
well as Transformers for CustomFields CustomFieldsets.  Additionally, the api
route has been updated so that a show method can be access from
http://myapp/api/v1/fieldsets/{id}

* CustomFieldsetsTransformer only returns id and name of model

* Added index api method for CustomFieldsets

* Removes copy/paste error in CustomFieldsetController (including search)

* Added id to CustomFieldsetsTransformers

* Adds custom_fieldset_id as a field when storing and updating AssetModels

* Removed uncessesary parameter from CustomFieldsetsController.index

* Cleaned up CustomFieldset API
2017-07-12 17:51:22 -07:00
snipe 9bcfe0748b Make custom fields into their own JSON array 2017-07-08 18:44:28 -07:00
snipe 635299cd74 Decrypt encrypted fields 2017-07-08 17:04:40 -07:00
snipe 20376daec4 Fix encryption on first save 2017-07-08 17:04:24 -07:00
snipe a49fd16916 Fixed delete file settings route 2017-07-08 13:42:05 -07:00
snipe 932e25ca9b Only add an update log message if the asset isn’t being checked in or out 2017-07-08 03:38:39 -07:00
snipe 33557f3792 Nicer formatting for phpinfo output 2017-07-08 00:22:30 -07:00
snipe c2927c4a2e Added phpinfo page if debugging is enabled 2017-07-08 00:09:39 -07:00
snipe ab2b2f3043 Updated UI for Admin Settings 2017-07-07 23:44:48 -07:00
snipe 9894edb008 Added login note to settings 2017-07-07 19:54:10 -07:00
snipe c2e8803d1e Addec clone button back to models, assets, licenses, etc 2017-07-07 18:45:49 -07:00
snipe 7e1f7297b3 Settings tweaks 2017-07-07 18:06:31 -07:00
snipe 31cabaa4db Fixes #3724 - adds edit/delete button back to companies listing 2017-07-07 17:10:06 -07:00
Daniel Meltzer 61c6160b98 Importer mapping - v1 (#3677)
* Move importer to an inline-template, allows for translations and easier passing of data from laravel to vue.

* Pull the modal out into a dedicated partial, move importer to views/importer.

* Add document of CSV->importer mappings.  Reorganize some code.

Progress.

* Add header_row and first_row to imports table, and process upon uploading a file

* Use an expandable table row instead of a modal for import processing.  This should allow for field mapping interaction easier.

* Fix import processing after moving method.

* Frontend importer mapping improvements.

Invert display so we show found columns and allow users to select an
importer field to map to.  Also implement sample data based on first row
of csv.

* Update select2.  Maintain selected items properly.

* Backend support for importing.  Only works on the web importer currently.  Definitely needs testing and polish.

* We no longer use vue-modal plugin.

* Add a column to track field mappings to the imports table.

* Cleanup/rename methods+refactor

* Save field mappings and import type when attempting an import, and repopulate these values when returning to the page.

* Update debugbar to fix a bug in the debugbar code.

* Fix asset tag detection.

Also rename findMatch to be a bit clearer as to what it does.
  Remove logging to file of imports for http imports because
it eats an incredible amouint of memory.

This commit also moves imports out of the hardware namespace and into
their own webcontroller and route prefix, remove dead code from
AssetController as a result.

* Dynamically limit options for select2 based on import type selected, and group them by item type.

* Add user importer.

Still need to implement emailing of passwords to new users, and probably
test a bit more.

This also bumps the memory limit for web imports up as well, I need to
profile memory usage here before too long.

* Query the db to find user matches rather than search the array.  Performance is much much better.

* Speed/memory improvements in importers.

Move to querying the db rather than maintaining an array for all
importers.  Also only store the id of items when we import, rather than
the full model.  It saves a decent amount of memory.

* Remove grouping of items in select2

With the values being set dynamically, the grouping is redundant.  It
also caused a regression with automatically guessing/matching field
names.  This is starting to get close.

* Remove debug line on every create.

* Switch migration to be text field instead of json field for compatibility with older mysql/mariadb

* Fix asset import regression matching email address.

* Rearrange travis order in attempt to fix null settings.

* Use auth::id instead of fetching it off the user.  Fixes a null object reference during seeding.
2017-06-21 16:37:37 -07:00
snipe 25e99194ce Fixes #3681 - corrected fieldname for bulk asset delete 2017-06-20 14:41:30 -07:00
snipe 5b9bcd8fa2 Add next auto-increment to settings form 2017-06-20 12:23:16 -07:00
snipe 4bde058192 Save next_auto_tag_base in settings on edit 2017-06-20 12:19:05 -07:00
snipe 770092f23f Added save/update/delete observers
This should make it easier to handle action logging between the GUI and the API
2017-06-15 20:54:14 -07:00
Daniel Meltzer 5d4920c741 [WIP] Improvements to unit tests. (#3574)
* Improvemenets to unit tests.

* Break up modelfactory into multiple files, populate many states.
* Begin testing validation at the unit test level, test relationships.
* Add tests for Asset::availableForCheckout.
* Model factories now generate all needed relationships on demand,
  which allows us to unit test with a empty database.
* To faciliate the empty database, we move to using sqlite in memory as
  the unit testing database.

* Fix bug with logs of checkouts to non users.

* Fix location finding for assets.  Also Fix location show page to show users associated with location.  Still need some work to show assets.

* More test and generator improvements

* More unit test fixes. PermissionsTest is borked still.

* More Updates

* Rewrite permissionstest.  Check that we have access on the model level rather than via web requests.  Also test delete permissions.

* Fix seeders.

* Make the default asset model factory generate assets that are rtd for testing.

* Save progress.

* Rebase tests, fix department unit test, update database for functional tests.

* Update functional and api tests to use new modelfactory signatures.
2017-06-12 17:39:03 -07:00
Daniel Meltzer dfea47a272 Fix location view display. Migrate to api controller methods and fix missing bits to make this happen. Show manager on the location view page. 2017-06-12 18:24:20 -05:00
Daniel Meltzer f0d78091d2 Add a manager field to locations.
This is round one of the rethink of checkout-to-everything.  A location
now has a manager field, and the manager (by default) be responsible for
assets checked out to the location.
2017-06-12 18:23:50 -05:00
snipe 966a736602 Patches #3640 to develop 2017-06-12 15:31:11 -07:00
Daniel Nemanic 30a9704625 Update UsersController.php (#3640)
If a user is disabled in your Active Directory, it should be deactivated in the licensing too.

The standard state is now deactivated for synced accounts.
Maybe we can change this throw a Setting for a standard state.

The codes comes from this site:
http://www.netvision.com/ad_useraccountcontrol.php
2017-06-12 15:29:55 -07:00
snipe 14f3868b46 Update all controllers to use laravel 5 return view method 2017-06-09 16:44:03 -07:00
snipe a5cd4a0a22 Use updated view method for laravel 5 2017-06-09 16:31:25 -07:00
snipe ad816264e9 WIP import mapper #3639
@dmeltzer, I’m not sure how much extra work this will be to integrate.
2017-06-09 16:29:42 -07:00
snipe 041b794e1f Fixes #3634 - use new routes for groups 2017-06-08 20:24:26 -07:00
snipe da2d9b2374 Fixes presenter issue on user history 2017-06-08 19:09:42 -07:00
snipe 58b2834c54 Fixed case for userloc 2017-06-08 18:46:07 -07:00
snipe 2aaa635345 Fixes crash on asset detail view 2017-06-08 18:26:55 -07:00
snipe d62896f945 Fixes #3414 - bulk update for asset models 2017-06-08 17:48:48 -07:00
snipe 74aaadcdc5 Fixes #3583 - incorrect 404 status code, use curl for checking .env 2017-06-01 20:41:23 -07:00
snipe 25dca80644 Fixes #3602 - actions missing from suppliers in v4 2017-05-31 06:52:37 -07:00
snipe 7b1265cb89 Cache totals for later dashboard use 2017-05-31 02:02:55 -07:00
snipe 5499735f3a Actionlogs API transformer 2017-05-23 14:31:04 -07:00
snipe 40e11b6661 Removed old getActivityReportDataTable() method, since we’re using the API now 2017-05-23 14:30:55 -07:00
snipe b1fa25b73e Added filter to report by user_id for activity 2017-05-23 14:30:29 -07:00
snipe 452c52a3ab Changed variable name for consistency 2017-05-23 14:30:07 -07:00
snipe 52f24f7587 Reports API controller 2017-05-23 09:24:36 -07:00
snipe b223630f72 Added dept to User API transformer 2017-05-23 02:48:03 -07:00
snipe e9c39add4f Added dept helper reference in create/edit/bulk edit users 2017-05-23 02:47:49 -07:00
snipe 7ec1724308 Create, edit and destroy for depts 2017-05-23 02:47:25 -07:00
snipe 811ddd2f67 Include depts in returned list, sort by dept 2017-05-23 02:46:55 -07:00
snipe cefb20d46f Set dept manager ID for dept 2017-05-23 02:46:25 -07:00
snipe bb323db685 Load relationships in query 2017-05-23 02:46:03 -07:00
snipe eb3aa99e4f Added destroy method to dept 2017-05-23 02:45:51 -07:00
snipe 64f17cecbf Updated department transformer 2017-05-23 02:37:30 -07:00
snipe e2f2f9e154 Additional methods for Department web UI 2017-05-23 01:09:13 -07:00
snipe 8caf6623f1 Filter by dept for user display 2017-05-23 01:09:03 -07:00
snipe 6c623866c0 Additional API methods for departments 2017-05-23 01:08:55 -07:00
snipe 659e60fd12 Department controllers and transformer 2017-05-22 21:32:33 -07:00
snipe 71fd430f8e Fixes issue with older, deleted asset tags caching QR codes 2017-05-19 02:51:35 -07:00
snipe 0c43e64160 Licenses detail view 2017-05-18 22:10:45 -07:00
Jason Spriggs 0ab37af7ab Add in location parent and child information into API requests (#3582)
* Add location hierarchy to LocationsTransformer

* Add in parent_id
2017-05-16 12:30:11 -07:00
snipe 0c8308f5a4 Fixes for ordering on asset listing 2017-05-15 20:55:39 -07:00
snipe fdd88af44a Fixes #3556 2017-05-15 19:14:55 -07:00
snipe c8796cf045 Only prompt for checkin if there is an assigned user 2017-05-10 03:37:30 -07:00
snipe ee2c67a65f Added missing logging back in 2017-05-09 15:30:45 -07:00
snipe 5614578710 Don’t make the item clickable if it’s been deleted 2017-05-09 15:30:19 -07:00
snipe 07882110fa Cleanup dashboard controller
We ajax this data in now
2017-05-09 00:38:45 -07:00
Daniel Meltzer e9b056f66c Importer fixes v2 (#3524)
* Pave the imports table

* Format error response if file is the wrong type.

* If a custom field doesn't exist, don't insert a blank string into the custom fields table

* CustomField::db_column_name can return the stored name in the db.  It's slugified when that value is set initially.  This fixes a weird issue where _1 was replaced with _xx
2017-05-03 12:14:35 -07:00
snipe 59a4e161ff Fixes checkout buttons on licenses list 2017-04-24 21:37:20 -07:00
snipe 54a2c46101 Fixes #3491 - adds supplier info to assets listing 2017-04-22 19:14:28 -05:00
Daniel Meltzer 1bb89db451 A few fixes (#3437)
* This method was renamed, so we need to rename the eager load

* Readd tinker to the composer dev packages.

* Update sql dump for functional tests.
2017-03-31 13:48:31 -07:00
Andrea Bergamasco 7ee172888d /api_tests: Completed tests for basic CRUD for Assets and Components (#3426)
* Refactored AssetsTransformer

Casted all ids to int, escaped all text values,

* Added warranty_expires attribute to Asset model

$asset->warranty_expires contains a Carbon object with the warranty
expiration date. Returns null when either purchase_date or
warranty_months are not set.

* Ignoring php-cs cache files

* Restored asset tests expectations

Work in progress - tests still fail

* API controller refactoring, fixed HTTP status codes in responses

* Restored $request->get - debugging

* Added further checks in ApiAssetsCest::updateAssetWithPatch

* /api_tests: Fixed bugs in update() method + code formatting

* /api_tests: Minor code formatting

* /api_tests: Mirrored test code for PATCH and PUT methods

* Removed repeated code

* Test cleanup

* Fixed issues with update() through PATCH and PUT methods

* Added API test suite to .travis.yml
2017-03-31 13:48:11 -07:00
Andrea Bergamasco e03ebc3fd0 AssetTransformer refactoring, restored tests (#3407)
* Refactored AssetsTransformer

Casted all ids to int, escaped all text values,

* Added warranty_expires attribute to Asset model

$asset->warranty_expires contains a Carbon object with the warranty
expiration date. Returns null when either purchase_date or
warranty_months are not set.

* Ignoring php-cs cache files

* Restored asset tests expectations

Work in progress - tests still fail

* API controller refactoring, fixed HTTP status codes in responses

* Restored $request->get - debugging

* Added further checks in ApiAssetsCest::updateAssetWithPatch
2017-03-14 08:37:39 -07:00
snipe c8c5c05351 Added asset checkin/checkout API methods 2017-03-11 14:04:52 -08:00
snipe 8dbd9fb299 Added additional permissions for checkin/checkout buttons 2017-03-11 12:14:10 -08:00
snipe 00aa06882c Fixed incorrect route for components 2017-03-11 12:13:35 -08:00
snipe 742e3d044e API improvements
Components still need some work here
2017-03-11 10:05:50 -08:00
snipe ae6828a0fa Removed dumb code comment 2017-03-11 08:03:30 -08:00
snipe 2a4bf65883 Basic sanity checking on some of the API controllers 2017-03-11 08:03:16 -08:00
snipe a680541fe8 Fixed target variable 2017-03-11 05:17:02 -08:00
snipe 5b450c5978 Disambiguated company_id in assets api controller 2017-03-11 04:39:28 -08:00
snipe 875d0dd343 Added advanced search to assets 2017-03-11 04:26:01 -08:00
snipe b16ff263ec Addtional search filters for licenses API 2017-03-11 02:57:19 -08:00
snipe bb2b6cb642 Foxed license name in licenses API 2017-03-11 02:52:50 -08:00
snipe d799ab2a9c Narrowed down the accessories, consumables, etc APIs for manufacturer filtering 2017-03-11 02:49:24 -08:00
snipe caf2f648b1 Added updated/created to locations API 2017-03-10 22:09:21 -08:00
snipe c132036f5c Fixes #3311 - more fields for manufacturers 2017-03-10 22:08:59 -08:00
snipe ad510cecd5 Fixes #2422 - Adds bulk edit for select user attributes 2017-03-10 20:07:44 -08:00
snipe 01ae8802c1 Fix user export 2017-03-03 19:54:06 -08:00
snipe 51fccbdda4 Added last login to user menu 2017-03-03 18:28:13 -08:00
snipe 6a2fd74219 Fixed API gate names in tranformers for new, more granular admin stuff 2017-03-03 17:56:05 -08:00
snipe 097096aa24 More custom date display via API 2017-03-03 17:53:42 -08:00
snipe dc38e575d9 Allow date/time formatting selection in settings 2017-03-03 17:29:41 -08:00
snipe c6c3ddba3e Remove detail() presenter 2017-02-23 17:01:01 -08:00