Commit graph

2015 commits

Author SHA1 Message Date
Alex Janes a68ec8bb57
Update LoginController.php
Updated if statements to match convention exactly.
2021-12-17 18:52:42 -05:00
Alex Janes 74de91c31a
Merge pull request #1 from snipe/develop
Develop
2021-12-17 14:51:03 -05:00
Alex Janes d99db5c63b bug fix and formatting fix 2021-12-16 19:04:37 -05:00
snipe 398180dc59 Small merge unmagling
Signed-off-by: snipe <snipe@snipe.net>
2021-12-16 14:38:04 -08:00
snipe c3d55ee27e Merge master down into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	.all-contributorsrc
#	README.md
#	app/Exceptions/Handler.php
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/Api/SettingsController.php
#	app/Http/Controllers/CustomFieldsController.php
#	app/Http/Controllers/SettingsController.php
#	app/Http/Transformers/AssetsTransformer.php
#	app/Models/Setting.php
#	config/version.php
#	resources/lang/af/button.php
#	resources/lang/ar/button.php
#	resources/lang/bg/button.php
#	resources/lang/cs/button.php
#	resources/lang/cy/button.php
#	resources/lang/da/button.php
#	resources/lang/de/button.php
#	resources/lang/el/button.php
#	resources/lang/en-GB/button.php
#	resources/lang/en-ID/button.php
#	resources/lang/es-CO/admin/groups/message.php
#	resources/lang/es-MX/button.php
#	resources/lang/et/admin/custom_fields/general.php
#	resources/lang/et/admin/hardware/table.php
#	resources/lang/et/admin/kits/general.php
#	resources/lang/et/admin/manufacturers/message.php
#	resources/lang/et/admin/models/general.php
#	resources/lang/et/admin/settings/general.php
#	resources/lang/et/button.php
#	resources/lang/et/mail.php
#	resources/lang/fa/button.php
#	resources/lang/fa/help.php
#	resources/lang/fi/button.php
#	resources/lang/fil/button.php
#	resources/lang/fr/button.php
#	resources/lang/ga-IE/button.php
#	resources/lang/he/button.php
#	resources/lang/hr/button.php
#	resources/lang/hu/admin/settings/general.php
#	resources/lang/hu/auth/message.php
#	resources/lang/hu/button.php
#	resources/lang/hu/mail.php
#	resources/lang/id/admin/hardware/table.php
#	resources/lang/id/button.php
#	resources/lang/it/button.php
#	resources/lang/iu/button.php
#	resources/lang/ja/button.php
#	resources/lang/ko/button.php
#	resources/lang/lt/button.php
#	resources/lang/lv/button.php
#	resources/lang/mi/button.php
#	resources/lang/mk/button.php
#	resources/lang/ml-IN/button.php
#	resources/lang/mn/button.php
#	resources/lang/ms/admin/hardware/table.php
#	resources/lang/ms/admin/kits/general.php
#	resources/lang/ms/admin/models/general.php
#	resources/lang/ms/admin/models/message.php
#	resources/lang/ms/admin/settings/general.php
#	resources/lang/ms/button.php
#	resources/lang/nl/button.php
#	resources/lang/no/admin/hardware/table.php
#	resources/lang/no/admin/kits/general.php
#	resources/lang/no/admin/settings/general.php
#	resources/lang/no/auth/message.php
#	resources/lang/no/button.php
#	resources/lang/no/help.php
#	resources/lang/no/mail.php
#	resources/lang/pl/button.php
#	resources/lang/pt-BR/button.php
#	resources/lang/pt-PT/auth/message.php
#	resources/lang/pt-PT/button.php
#	resources/lang/pt-PT/mail.php
#	resources/lang/ro/button.php
#	resources/lang/ru/admin/settings/general.php
#	resources/lang/ru/button.php
#	resources/lang/ru/help.php
#	resources/lang/sl/admin/custom_fields/general.php
#	resources/lang/sl/admin/hardware/table.php
#	resources/lang/sl/admin/kits/general.php
#	resources/lang/sl/admin/manufacturers/message.php
#	resources/lang/sl/admin/models/general.php
#	resources/lang/sl/admin/settings/general.php
#	resources/lang/sl/admin/users/general.php
#	resources/lang/sl/auth/message.php
#	resources/lang/sl/button.php
#	resources/lang/sl/help.php
#	resources/lang/sr-CS/button.php
#	resources/lang/ta/button.php
#	resources/lang/th/button.php
#	resources/lang/th/mail.php
#	resources/lang/tl/button.php
#	resources/lang/tr/admin/settings/general.php
#	resources/lang/tr/auth/message.php
#	resources/lang/tr/button.php
#	resources/lang/uk/button.php
#	resources/lang/ur-PK/button.php
#	resources/lang/vi/button.php
#	resources/lang/zh-CN/button.php
#	resources/lang/zh-HK/button.php
#	resources/lang/zh-TW/admin/hardware/table.php
#	resources/lang/zh-TW/button.php
#	resources/lang/zu/button.php
#	resources/views/models/custom_fields_form.blade.php
#	resources/views/reports/custom.blade.php
#	resources/views/settings/slack.blade.php
2021-12-16 14:26:24 -08:00
Alex Janes 6898119891 Replaced env() with config() to check environment variables
Made the app.php description for 'REQUIRE_SAML' a bit more... descriptive.
2021-12-16 16:56:39 -05:00
Alex Janes a6116a1b15 If SAML required, don't accept login form post. 2021-12-16 14:33:25 -05:00
Alex Janes 3c8d70c5fb Add option to environment to require SAML for a more secure installation. 2021-12-16 11:44:07 -05:00
Bradley Coudriet dbdc1c7f3f
Update SettingsController.php to save Slack Settings
This goes with #10438 that I just submitted about Slack Settings not saving.

This adds the necessary code to actually save the Slack Settings,
As they are already validated by the SlackSettingsRequest, this seems like an easy and low-impact fix.
2021-12-15 10:38:51 -05:00
Ivan Nieto Vivanco c80aa2a289 Add title column to custom reports 2021-12-14 12:05:33 -06:00
Ivan Nieto Vivanco 0037cdb00c Add title column to custom reports 2021-12-13 20:27:23 -06:00
snipe 25e2e7ecc6
Merge pull request #10418 from inietov/fixes/bulk_edit_count_more_users_than_selected
Fixes bulk edit message counts more users than the actual selected users number
2021-12-13 14:13:14 -08:00
snipe 9d5d1a9f9a Added escape to assigned_to API response
Signed-off-by: snipe <snipe@snipe.net>
2021-12-13 12:03:03 -08:00
Ivan Nieto Vivanco a419a690d4 Add a variable to better control the selected user's ids 2021-12-11 18:01:38 -06:00
Brady Wetherington ea71086dfc Yank assetlog from eager-load clause in API query for develop 2021-12-10 18:50:34 -08:00
Brady Wetherington acfb41f129 Remove 'actionlog' from the ::with() clause in the asset query API 2021-12-10 18:42:56 -08:00
Haxatron 1699c09758
Update AssetModelsController.php 2021-12-09 21:42:18 +08:00
Haxatron 918e7c8dae
Fix access control - https://huntr.dev/bounties/19453ef1-4d77-4cff-b7e8-1bc8f3af0862/ 2021-12-09 12:57:04 +08:00
snipe 86afe6c4b1 Cleanup slack validation
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 18:03:56 -08:00
snipe ff97b359ad Removed form request on ajax, cleaned up some other things
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 17:58:46 -08:00
snipe 8fa690b635 Reverting form request because it doesn't seem to work (????!!)
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 17:54:15 -08:00
snipe 8c1cd87831 Added slacksettingsrequest as use statement
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 15:56:22 -08:00
snipe 80d36cd72b Added slack settings request
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 15:53:05 -08:00
snipe ebdbc20740 Adds stricter validation for slack endpoints
Signed-off-by: snipe <snipe@snipe.net>
2021-12-06 11:40:24 -08:00
snipe ff81e6d536
Merge pull request #10361 from snipe/fixes/xss_in_accessories_checkout_notes
Escape notes in transformCheckedOutAccessory
2021-11-24 19:56:36 -08:00
snipe 00fad35c2a Escape notes in transformCheckedOutAccessory
Signed-off-by: snipe <snipe@snipe.net>
2021-11-24 19:54:45 -08:00
snipe 3debe78574
Merge pull request #10350 from inietov/fixes/trim_custom_fields_names
Apply trim() function when storing Custom Fields names
2021-11-24 19:42:04 -08:00
snipe 29bbfad693 Applied escaping fix from master to develop
Signed-off-by: snipe <snipe@snipe.net>
2021-11-24 19:38:27 -08:00
snipe 830d07f84f Removed escaping on input save for asset checkout on creation
Signed-off-by: snipe <snipe@snipe.net>
2021-11-24 19:19:32 -08:00
Ivan Nieto Vivanco 1ca770895a Apply trim() function when storing Custom Fields names 2021-11-22 18:43:21 -06:00
snipe bbb0d1be17 Possible fix for asset model editing when no custom fieldset is associated
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 21:09:35 -08:00
snipe f7b483358f Escape custom field values in API response
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 20:32:59 -08:00
snipe 476e17055b Escape custom fields in API response
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 20:31:01 -08:00
snipe 46d2f8a81d Disallow file upload to backups on demo
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 19:42:02 -08:00
snipe 92b7aaf44b Log the user out upon successful restore
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 19:40:01 -08:00
snipe f2f8f96991 Merge remote-tracking branch 'origin/master' into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Transformers/AssetsTransformer.php
#	app/Importer/ConsumableImporter.php
#	app/Models/Consumable.php
#	config/version.php
#	package-lock.json
#	package.json
#	public/css/dist/all.css
#	public/css/dist/bootstrap-table.css
#	public/js/build/app.js
#	public/js/dist/all.js
#	public/js/dist/bootstrap-table.js
#	public/mix-manifest.json
#	resources/views/custom_fields/fieldsets/view.blade.php
#	resources/views/layouts/default.blade.php
#	routes/web.php
#	routes/web/fields.php
2021-11-15 19:24:38 -08:00
snipe 457c6080cc Better handling if there was no file uploaded
Signed-off-by: snipe <snipe@snipe.net>
2021-11-10 01:43:45 -08:00
snipe 96f76e1f6b INCOMPLETE: Added restore and upload methods for backups
Signed-off-by: snipe <snipe@snipe.net>
2021-11-10 00:07:17 -08:00
snipe 3b25093aeb Removed noisy debugging
Signed-off-by: snipe <snipe@snipe.net>
2021-11-09 22:38:27 -08:00
snipe 76506dabbf Made helpers call full namespace (tho I have no idea why this was necessary)
Signed-off-by: snipe <snipe@snipe.net>
2021-11-09 22:38:14 -08:00
snipe 1b1b54fbf4 Add modified_value and modified_display so we can use the formatted date but still sort correctly
Signed-off-by: snipe <snipe@snipe.net>
2021-11-09 22:37:49 -08:00
snipe 0e21a95817 Escape error message in asset autdit apI (same as in v5)
Signed-off-by: snipe <snipe@snipe.net>
2021-11-09 19:39:32 -08:00
Brady Wetherington 3ea209a507 Escape asset_tag attribute at controller level for consumption in bulk checkout 2021-11-08 20:27:43 -08:00
snipe ea0d92c439
Merge branch 'develop' into fixes/fmcs_departments 2021-10-28 18:18:08 -07:00
snipe d36849bd41
Merge branch 'develop' into feature/remove_deleted_user_from_unaccepted_assets_report 2021-10-28 18:11:03 -07:00
snipe 84a3a85823 Fixed parse error for merge conflict
Signed-off-by: snipe <snipe@snipe.net>
2021-10-28 18:04:03 -07:00
snipe 798f6d65de
Merge pull request #9847 from inietov/bug/ch15357/requested_assets_allow_to_cancel_if_checkedout_to_self
Adds a check to know if the asset is checked out to the logged in user to allow check the state in the view
2021-10-28 17:53:24 -07:00
snipe bdf321ecc9
Merge branch 'develop' into change-var-aws-public-url 2021-10-28 17:46:16 -07:00
snipe 645529ba78
Merge pull request #9889 from ncareau/api-licenses
Add licenses api parameters and fix a missing variable in license view.
2021-10-28 17:20:09 -07:00
snipe 2f9e5f79af
Merge pull request #10139 from FliegenKLATSCH/patch-1
API: Do not include deleted items per default on lookup by serial
2021-10-28 17:09:20 -07:00