Commit graph

90 commits

Author SHA1 Message Date
snipe a7dc6162fa Simplify password attempts rate limiting
Signed-off-by: snipe <snipe@snipe.net>
2022-06-22 09:11:24 -07:00
snipe b00db3cc56 Added throttling to password reset token form
Signed-off-by: snipe <snipe@snipe.net>
2022-06-21 19:30:11 -07:00
snipe 172e8d463f Use newer forgotten password variables
Signed-off-by: snipe <snipe@snipe.net>
2022-06-21 19:11:57 -07:00
snipe 17ee332715 Remove throttle from GET in password reset
Signed-off-by: snipe <snipe@snipe.net>
2022-06-21 18:53:14 -07:00
snipe 386272a618 Manually add the additional routes so we can throttle them
Signed-off-by: snipe <snipe@snipe.net>
2022-06-21 18:40:53 -07:00
snipe 93eba43b76 Removed trailing slash from route
Signed-off-by: snipe <snipe@snipe.net>
2022-05-19 17:55:59 -07:00
Johnson Yi 4401dab8d6 fix saml slo for logout 2022-05-14 11:59:34 +00:00
snipe 1424e168d6 Switch logout back to post
Signed-off-by: snipe <snipe@snipe.net>
2022-05-13 13:30:11 -07:00
snipe 7c82f5670b One more 2FA login change
Signed-off-by: snipe <snipe@snipe.net>
2022-05-13 12:48:55 -07:00
snipe 32bbe7c715 Fixed 2FA middleware
Signed-off-by: snipe <snipe@snipe.net>
2022-05-13 12:45:54 -07:00
Godfrey M 5fcc3c39f3 routes eula agreements for download correctly to the asset history 2022-03-16 11:56:56 -07:00
Godfrey M e1a6a2afc6 adds translation for accept_eula, a bit more logic on the Acceptance Controller that is not working yet 2022-03-10 12:15:50 -08:00
Godfrey M 59c583ac74 adds the ability to save eula pdfs to storage, still working on storing them in the DB and exposing them in the UI 2022-03-08 16:42:27 -08:00
Brady Wetherington c527a5c6e7 Duplicate route meant overwrite of route-name 2022-01-13 16:03:32 -08:00
snipe 43c57c8461 Merge master into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	.all-contributorsrc
#	README.md
#	app/Http/Controllers/BulkAssetModelsController.php
#	app/Http/Controllers/CustomFieldsController.php
#	app/Http/Controllers/CustomFieldsetsController.php
#	app/Http/Controllers/ModalController.php
#	app/Http/Transformers/GroupsTransformer.php
#	config/version.php
#	package-lock.json
#	public/css/build/app.css
#	public/css/build/overrides.css
#	public/css/dist/all.css
#	public/css/dist/bootstrap-table.css
#	public/js/build/app.js
#	public/js/dist/all.js
#	public/js/dist/bootstrap-table.js
#	public/mix-manifest.json
#	resources/assets/less/overrides.less
#	resources/lang/en/admin/hardware/message.php
#	resources/lang/en/admin/settings/general.php
#	resources/views/partials/bootstrap-table.blade.php
#	routes/web.php
2022-01-12 20:51:33 -08:00
snipe 9b2dd6522f Switch GET to POST for asset request
Signed-off-by: snipe <snipe@snipe.net>
2021-12-16 20:36:08 -08:00
snipe 4ca2252e3b Switches GET to POST for request assset
Signed-off-by: snipe <snipe@snipe.net>
2021-12-16 20:32:29 -08:00
snipe 542ab75d89 Added new backup routes
Signed-off-by: snipe <snipe@snipe.net>
2021-11-09 19:39:50 -08:00
snipe b5855e7be5 Removed get route for logout
Signed-off-by: snipe <snipe@snipe.net>
2021-11-08 12:35:15 -08:00
snipe aa8f1378c9 Merge remote-tracking branch 'origin/master' into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	README.md
#	app/Http/Controllers/Accessories/AccessoriesController.php
#	app/Http/Controllers/Api/AssetMaintenancesController.php
#	app/Http/Controllers/Api/AssetModelsController.php
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/Api/UsersController.php
#	app/Http/Controllers/AssetMaintenancesController.php
#	app/Http/Controllers/Assets/AssetFilesController.php
#	app/Http/Controllers/Assets/AssetsController.php
#	app/Http/Controllers/Assets/BulkAssetsController.php
#	app/Http/Controllers/Components/ComponentsController.php
#	app/Http/Controllers/Consumables/ConsumablesController.php
#	app/Http/Controllers/Licenses/LicenseFilesController.php
#	app/Http/Controllers/Licenses/LicensesController.php
#	app/Http/Controllers/Users/UserFilesController.php
#	app/Http/Transformers/AssetsTransformer.php
#	app/Http/Transformers/LicensesTransformer.php
#	app/Importer/UserImporter.php
#	app/Models/Asset.php
#	config/app.php
#	config/version.php
#	package-lock.json
#	public/js/build/app.js
#	public/js/dist/all.js
#	public/js/dist/bootstrap-table.js
#	public/mix-manifest.json
#	resources/lang/en/admin/users/message.php
#	resources/lang/is/button.php
#	resources/lang/ja/admin/kits/general.php
#	resources/lang/ro/admin/users/general.php
#	resources/lang/zh-HK/admin/depreciations/general.php
#	resources/lang/zh-HK/admin/models/general.php
#	resources/views/hardware/qr-view.blade.php
#	resources/views/hardware/view.blade.php
#	resources/views/partials/bootstrap-table.blade.php
#	resources/views/users/view.blade.php
#	routes/web.php
#	routes/web/hardware.php
#	routes/web/models.php
#	routes/web/users.php
2021-10-20 17:26:41 -07:00
Dampfklon ab4a234e20 fix rebase errors 2021-10-07 21:32:57 +02:00
Dampfklon 4418ad2340 Enable display of deleted acceptances, strike deleted users, add date, enable sorting 2021-10-07 21:03:46 +02:00
Dampfklon 12ee06deb6 add Download All Button, change route analogue to activity report 2021-10-07 21:01:50 +02:00
Dampfklon ed99532c30 Unaccepted Assets Report Actions (send reminder, delete) added
Unaccepted Assets Export fixed
2021-10-07 20:53:02 +02:00
snipe caad5be957 Updated routes to use POST for restore
Signed-off-by: snipe <snipe@snipe.net>
2021-10-04 17:17:36 -07:00
snipe b7f45d2ae2 Re-emable auth routes
Signed-off-by: snipe <snipe@snipe.net>
2021-06-11 19:02:25 -07:00
Brady Wetherington 42316f3ba7 Finished fixing the web routes file and put a gigantic warning in the api routes file 2021-06-11 17:12:06 -07:00
Brady Wetherington fc5c0a0e95 Basic fixes to at least get the dashboard up 2021-06-11 15:23:44 -07:00
snipe 3095a78664 Small tweaks to Dashboard controller
Still gettiing a bizarre `Non-static method App\Http\Controllers\DashboardController::index() should not be called statically` error

Signed-off-by: snipe <snipe@snipe.net>
2021-06-11 14:43:47 -07:00
snipe a8123092af Misc fixes for shift
// TODO - re-fix the exception handler

Signed-off-by: snipe <snipe@snipe.net>
2021-06-11 14:07:50 -07:00
Laravel Shift b62d1f49e4 Shift cleanup 2021-06-10 20:19:27 +00:00
Laravel Shift bdf23e472e Shift to class based routes 2021-06-10 20:17:14 +00:00
Laravel Shift 934afa036f Adopt Laravel coding style
Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions.

You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started.

[1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer
[2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 20:15:52 +00:00
snipe b9bab05ac3 Merge branch 'master' of https://github.com/ajsy/snipe-it into ajsy-master
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	resources/views/users/print.blade.php
2021-04-05 20:55:49 -07:00
Vincent Lainé d6ead5ae17
Added #8931: add health controller without session (#8978)
* Added health controller

* Trying to move session middleware to web and api group to have health controller without session

* Fix health route store the session

Co-authored-by: Vincent Lainé <v.laine@dental-monitoring.com>
2021-01-26 12:10:54 -08:00
snipe 1f5bcf2475 Added option to download activity report 2020-11-13 16:25:05 -08:00
Daniel Meltzer 7ea862787c
Refactor controller to use one method that shows all modals based on name. 2020-05-23 15:24:00 -04:00
ajsy a714cd357f Update web.php 2019-05-03 15:22:05 +03:00
ajsy 5dcf9fbb50 Update web.php 2019-04-19 13:20:44 +03:00
ajsy c11e93b72f Update web.php 2019-03-09 11:14:24 +03:00
Dmitrii Minaev 5f3a0bdea5 app\Services\PredefinedKitService.php rename to app\Services\PredefinedKitCheckoutService.php
add accessories and consumables tables
add selectlist api to:
 app\Http\Controllers\Api\AccessoriesController.php
 app\Http\Controllers\Api\ConsumablesController.php
 app\Http\Controllers\Api\LicensesController.php
templates for selectlist
apply kit to user works
2019-02-19 22:19:00 +03:00
Minaev Dmitriy 9d5cd27575 New save mechanic 2018-10-31 16:06:38 +03:00
Till Deeke 86f49d34c3 Redirects users from old acceptance screen to new overview 2018-09-10 17:13:16 +02:00
Till Deeke 8648d53d25 Adds checkout acceptances
A checkout acceptance gets generated for every item that needs to be checked out. This resource tracks the user user who can accept the item and their signature
2018-08-06 14:47:26 +02:00
Till Deeke 830a6cf67e Adds accepting/declining to new controller 2018-08-06 14:46:10 +02:00
snipe 694166862e
Added attempted logins admin screen (#6018)
* Added attempted logins admin screen

* Smaller table spacing
2018-08-01 03:51:59 -07:00
Daniel Meltzer 64d649be7f Monster: Cleanup/Refactor http controllers. (#5916)
* Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods.

* Use same image upload/layout in accessories as consum+components.

* Monster: Cleanup/Refactor http controllers.

This cleans up docblocks, pulls most non-crudy actions into their own
controllers, and does general cleanup/logic refactoring.  There /should/
be no functional changes, but we all know how should works..

Extract checkin/checkout functions to a separate controller for accessories.

Move controllers to subdirectory.

Cleanup AssetModelsController

Extract component checkin/checkout

Assorted cleanups/doc/formatting in controllers.

Refactor LicenseController.

Refactor UsersController

Update viewassetscontroller.

* Codacy cleanups

* More codacy cleanups.  Extract a LicenseCheckout Form request as well.

* A bit more refactor/cleaning of the license checkout method.

* Review Related Cleanups

* Fix most of the item_not_found translations.  In many cases, the
string being generated did not even use the id parameter.  Where it
does, pass it as id instead of as a different value.

* Remove some old $data arrays from when we manually sent emails from
the controllers.  This has been superseeded by the notification system
(yay!)

* Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
snipe 0be69f57ac Improved files display 2018-05-02 14:13:06 -07:00
snipe 97f748d58e Removed old reports methods and routes
We only use the custom asset report now
2018-05-02 03:44:31 -07:00
snipe 8a6713d5c0
WIP - Improved requested assets (#5289)
* WIP - beginning of improved requested assets

- Use Ajax tables for faster loading
- Use new notifications for requesting an asset

TODO:
- Use ajax tables for requestable asset models
- Use new notifications for canceling an asset request
- Expire requests once the asset has been checked out to the requesting user

* Only show asset name in email if it has one

* Refactor requested method to only include non-canceled requests

* Refactored requestable assets to log request and cancelation

* Added softdeletes on checkout requests

* Differentiate between canceling and deleting requests

* Added asset request cancelation notification

* Added timestamps and corrected unique key on requests table

* Improved requests view

* Re-use blade for cancel/request email

* Refactored BS table formatter for requested assets

* Location name min reduced to 2

* Added PAT test as maintenance option

This needs to be refactored into database-driven options with a UI

* Better slack message

* Added getImageUrl method for assets

* Include qty in request notifications

TODO:
- Try to pull requested info from original request for cancelation, otherwise it will default to 1

* Removed old asset request/cancel emails

* Added user profile asset request routes

* Added profile controller requested assets method

* Added blade link to requested assets for profile view

* Sort user history desc

* Added requested assets blade

* Added canceled at to checkoutRequest method

* Include qty in request

* Fixed comment, removed allowed_columns

* Removed Queable methods, since we don’t use a queue

* Fixed return type in method doc

* Fixed version number

* Changed id to user_id for clarity
2018-04-04 17:33:02 -07:00