Alex Janes
a68ec8bb57
Update LoginController.php
...
Updated if statements to match convention exactly.
2021-12-17 18:52:42 -05:00
Alex Janes
74de91c31a
Merge pull request #1 from snipe/develop
...
Develop
2021-12-17 14:51:03 -05:00
Alex Janes
d99db5c63b
bug fix and formatting fix
2021-12-16 19:04:37 -05:00
snipe
398180dc59
Small merge unmagling
...
Signed-off-by: snipe <snipe@snipe.net>
2021-12-16 14:38:04 -08:00
snipe
c3d55ee27e
Merge master down into develop
...
Signed-off-by: snipe <snipe@snipe.net>
# Conflicts:
# .all-contributorsrc
# README.md
# app/Exceptions/Handler.php
# app/Http/Controllers/Api/AssetsController.php
# app/Http/Controllers/Api/SettingsController.php
# app/Http/Controllers/CustomFieldsController.php
# app/Http/Controllers/SettingsController.php
# app/Http/Transformers/AssetsTransformer.php
# app/Models/Setting.php
# config/version.php
# resources/lang/af/button.php
# resources/lang/ar/button.php
# resources/lang/bg/button.php
# resources/lang/cs/button.php
# resources/lang/cy/button.php
# resources/lang/da/button.php
# resources/lang/de/button.php
# resources/lang/el/button.php
# resources/lang/en-GB/button.php
# resources/lang/en-ID/button.php
# resources/lang/es-CO/admin/groups/message.php
# resources/lang/es-MX/button.php
# resources/lang/et/admin/custom_fields/general.php
# resources/lang/et/admin/hardware/table.php
# resources/lang/et/admin/kits/general.php
# resources/lang/et/admin/manufacturers/message.php
# resources/lang/et/admin/models/general.php
# resources/lang/et/admin/settings/general.php
# resources/lang/et/button.php
# resources/lang/et/mail.php
# resources/lang/fa/button.php
# resources/lang/fa/help.php
# resources/lang/fi/button.php
# resources/lang/fil/button.php
# resources/lang/fr/button.php
# resources/lang/ga-IE/button.php
# resources/lang/he/button.php
# resources/lang/hr/button.php
# resources/lang/hu/admin/settings/general.php
# resources/lang/hu/auth/message.php
# resources/lang/hu/button.php
# resources/lang/hu/mail.php
# resources/lang/id/admin/hardware/table.php
# resources/lang/id/button.php
# resources/lang/it/button.php
# resources/lang/iu/button.php
# resources/lang/ja/button.php
# resources/lang/ko/button.php
# resources/lang/lt/button.php
# resources/lang/lv/button.php
# resources/lang/mi/button.php
# resources/lang/mk/button.php
# resources/lang/ml-IN/button.php
# resources/lang/mn/button.php
# resources/lang/ms/admin/hardware/table.php
# resources/lang/ms/admin/kits/general.php
# resources/lang/ms/admin/models/general.php
# resources/lang/ms/admin/models/message.php
# resources/lang/ms/admin/settings/general.php
# resources/lang/ms/button.php
# resources/lang/nl/button.php
# resources/lang/no/admin/hardware/table.php
# resources/lang/no/admin/kits/general.php
# resources/lang/no/admin/settings/general.php
# resources/lang/no/auth/message.php
# resources/lang/no/button.php
# resources/lang/no/help.php
# resources/lang/no/mail.php
# resources/lang/pl/button.php
# resources/lang/pt-BR/button.php
# resources/lang/pt-PT/auth/message.php
# resources/lang/pt-PT/button.php
# resources/lang/pt-PT/mail.php
# resources/lang/ro/button.php
# resources/lang/ru/admin/settings/general.php
# resources/lang/ru/button.php
# resources/lang/ru/help.php
# resources/lang/sl/admin/custom_fields/general.php
# resources/lang/sl/admin/hardware/table.php
# resources/lang/sl/admin/kits/general.php
# resources/lang/sl/admin/manufacturers/message.php
# resources/lang/sl/admin/models/general.php
# resources/lang/sl/admin/settings/general.php
# resources/lang/sl/admin/users/general.php
# resources/lang/sl/auth/message.php
# resources/lang/sl/button.php
# resources/lang/sl/help.php
# resources/lang/sr-CS/button.php
# resources/lang/ta/button.php
# resources/lang/th/button.php
# resources/lang/th/mail.php
# resources/lang/tl/button.php
# resources/lang/tr/admin/settings/general.php
# resources/lang/tr/auth/message.php
# resources/lang/tr/button.php
# resources/lang/uk/button.php
# resources/lang/ur-PK/button.php
# resources/lang/vi/button.php
# resources/lang/zh-CN/button.php
# resources/lang/zh-HK/button.php
# resources/lang/zh-TW/admin/hardware/table.php
# resources/lang/zh-TW/button.php
# resources/lang/zu/button.php
# resources/views/models/custom_fields_form.blade.php
# resources/views/reports/custom.blade.php
# resources/views/settings/slack.blade.php
2021-12-16 14:26:24 -08:00
Alex Janes
6898119891
Replaced env() with config() to check environment variables
...
Made the app.php description for 'REQUIRE_SAML' a bit more... descriptive.
2021-12-16 16:56:39 -05:00
Alex Janes
a6116a1b15
If SAML required, don't accept login form post.
2021-12-16 14:33:25 -05:00
Alex Janes
3c8d70c5fb
Add option to environment to require SAML for a more secure installation.
2021-12-16 11:44:07 -05:00
Bradley Coudriet
dbdc1c7f3f
Update SettingsController.php to save Slack Settings
...
This goes with #10438 that I just submitted about Slack Settings not saving.
This adds the necessary code to actually save the Slack Settings,
As they are already validated by the SlackSettingsRequest, this seems like an easy and low-impact fix.
2021-12-15 10:38:51 -05:00
Ivan Nieto Vivanco
c80aa2a289
Add title column to custom reports
2021-12-14 12:05:33 -06:00
Ivan Nieto Vivanco
0037cdb00c
Add title column to custom reports
2021-12-13 20:27:23 -06:00
snipe
25e2e7ecc6
Merge pull request #10418 from inietov/fixes/bulk_edit_count_more_users_than_selected
...
Fixes bulk edit message counts more users than the actual selected users number
2021-12-13 14:13:14 -08:00
snipe
9d5d1a9f9a
Added escape to assigned_to API response
...
Signed-off-by: snipe <snipe@snipe.net>
2021-12-13 12:03:03 -08:00
Ivan Nieto Vivanco
a419a690d4
Add a variable to better control the selected user's ids
2021-12-11 18:01:38 -06:00
Brady Wetherington
ea71086dfc
Yank assetlog from eager-load clause in API query for develop
2021-12-10 18:50:34 -08:00
Brady Wetherington
acfb41f129
Remove 'actionlog' from the ::with() clause in the asset query API
2021-12-10 18:42:56 -08:00
Haxatron
1699c09758
Update AssetModelsController.php
2021-12-09 21:42:18 +08:00
Haxatron
918e7c8dae
Fix access control - https://huntr.dev/bounties/19453ef1-4d77-4cff-b7e8-1bc8f3af0862/
2021-12-09 12:57:04 +08:00
snipe
86afe6c4b1
Cleanup slack validation
...
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 18:03:56 -08:00
snipe
ff97b359ad
Removed form request on ajax, cleaned up some other things
...
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 17:58:46 -08:00
snipe
8fa690b635
Reverting form request because it doesn't seem to work (????!!)
...
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 17:54:15 -08:00
snipe
8c1cd87831
Added slacksettingsrequest as use statement
...
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 15:56:22 -08:00
snipe
80d36cd72b
Added slack settings request
...
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 15:53:05 -08:00
snipe
ebdbc20740
Adds stricter validation for slack endpoints
...
Signed-off-by: snipe <snipe@snipe.net>
2021-12-06 11:40:24 -08:00
snipe
ff81e6d536
Merge pull request #10361 from snipe/fixes/xss_in_accessories_checkout_notes
...
Escape notes in transformCheckedOutAccessory
2021-11-24 19:56:36 -08:00
snipe
00fad35c2a
Escape notes in transformCheckedOutAccessory
...
Signed-off-by: snipe <snipe@snipe.net>
2021-11-24 19:54:45 -08:00
snipe
3debe78574
Merge pull request #10350 from inietov/fixes/trim_custom_fields_names
...
Apply trim() function when storing Custom Fields names
2021-11-24 19:42:04 -08:00
snipe
29bbfad693
Applied escaping fix from master to develop
...
Signed-off-by: snipe <snipe@snipe.net>
2021-11-24 19:38:27 -08:00
snipe
830d07f84f
Removed escaping on input save for asset checkout on creation
...
Signed-off-by: snipe <snipe@snipe.net>
2021-11-24 19:19:32 -08:00
Ivan Nieto Vivanco
1ca770895a
Apply trim() function when storing Custom Fields names
2021-11-22 18:43:21 -06:00
snipe
bbb0d1be17
Possible fix for asset model editing when no custom fieldset is associated
...
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 21:09:35 -08:00
snipe
f7b483358f
Escape custom field values in API response
...
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 20:32:59 -08:00
snipe
476e17055b
Escape custom fields in API response
...
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 20:31:01 -08:00
snipe
46d2f8a81d
Disallow file upload to backups on demo
...
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 19:42:02 -08:00
snipe
92b7aaf44b
Log the user out upon successful restore
...
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 19:40:01 -08:00
snipe
f2f8f96991
Merge remote-tracking branch 'origin/master' into develop
...
Signed-off-by: snipe <snipe@snipe.net>
# Conflicts:
# app/Http/Controllers/Api/AssetsController.php
# app/Http/Transformers/AssetsTransformer.php
# app/Importer/ConsumableImporter.php
# app/Models/Consumable.php
# config/version.php
# package-lock.json
# package.json
# public/css/dist/all.css
# public/css/dist/bootstrap-table.css
# public/js/build/app.js
# public/js/dist/all.js
# public/js/dist/bootstrap-table.js
# public/mix-manifest.json
# resources/views/custom_fields/fieldsets/view.blade.php
# resources/views/layouts/default.blade.php
# routes/web.php
# routes/web/fields.php
2021-11-15 19:24:38 -08:00
snipe
457c6080cc
Better handling if there was no file uploaded
...
Signed-off-by: snipe <snipe@snipe.net>
2021-11-10 01:43:45 -08:00
snipe
96f76e1f6b
INCOMPLETE: Added restore and upload methods for backups
...
Signed-off-by: snipe <snipe@snipe.net>
2021-11-10 00:07:17 -08:00
snipe
3b25093aeb
Removed noisy debugging
...
Signed-off-by: snipe <snipe@snipe.net>
2021-11-09 22:38:27 -08:00
snipe
76506dabbf
Made helpers call full namespace (tho I have no idea why this was necessary)
...
Signed-off-by: snipe <snipe@snipe.net>
2021-11-09 22:38:14 -08:00
snipe
1b1b54fbf4
Add modified_value and modified_display so we can use the formatted date but still sort correctly
...
Signed-off-by: snipe <snipe@snipe.net>
2021-11-09 22:37:49 -08:00
snipe
0e21a95817
Escape error message in asset autdit apI (same as in v5)
...
Signed-off-by: snipe <snipe@snipe.net>
2021-11-09 19:39:32 -08:00
Brady Wetherington
3ea209a507
Escape asset_tag attribute at controller level for consumption in bulk checkout
2021-11-08 20:27:43 -08:00
snipe
ea0d92c439
Merge branch 'develop' into fixes/fmcs_departments
2021-10-28 18:18:08 -07:00
snipe
d36849bd41
Merge branch 'develop' into feature/remove_deleted_user_from_unaccepted_assets_report
2021-10-28 18:11:03 -07:00
snipe
84a3a85823
Fixed parse error for merge conflict
...
Signed-off-by: snipe <snipe@snipe.net>
2021-10-28 18:04:03 -07:00
snipe
798f6d65de
Merge pull request #9847 from inietov/bug/ch15357/requested_assets_allow_to_cancel_if_checkedout_to_self
...
Adds a check to know if the asset is checked out to the logged in user to allow check the state in the view
2021-10-28 17:53:24 -07:00
snipe
bdf321ecc9
Merge branch 'develop' into change-var-aws-public-url
2021-10-28 17:46:16 -07:00
snipe
645529ba78
Merge pull request #9889 from ncareau/api-licenses
...
Add licenses api parameters and fix a missing variable in license view.
2021-10-28 17:20:09 -07:00
snipe
2f9e5f79af
Merge pull request #10139 from FliegenKLATSCH/patch-1
...
API: Do not include deleted items per default on lookup by serial
2021-10-28 17:09:20 -07:00