DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-11-13 00:54:07 -08:00
Code Issues Actions 12 Packages Projects Releases Wiki Activity
6824 commits 97 branches 266 tags 292 MiB
Commit graph

2951 commits

Author SHA1 Message Date
snipe 42fcd29200 Fixed #10436 on master, applies #10449 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-22 21:06:54 -08:00
snipe dc2e6c2b06 Adds consumables endpoint to user API 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-22 20:44:34 -08:00
Brady Wetherington 64f83f9a5f Move HandleCors middleware to be universal 2022-02-22 17:43:40 -08:00
snipe d1b45a83b8 Blergh, one more linebreak 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-17 14:51:06 -08:00
snipe 01a8701a8c Removed extra linebreaks 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-17 14:50:38 -08:00
snipe 67fe53e32a Removed debugging, added comments 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-17 14:50:07 -08:00
snipe 7f6b8cc43d Removed carbon, since we went with PHP's datetime instead 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-17 14:48:12 -08:00
snipe 5fe999eb02 Shored up the date math, updated the explanation 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-17 14:34:33 -08:00
snipe ea429d650e Initial audit date fix 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-16 20:19:38 -08:00
snipe 4f89dfee49
Merge pull request #10679 from snipe/fixes/timing_attack_mitigation_for_forgot_password 
Added usleep random to forgotten password method to mitigate timing attacks
 2022-02-16 11:17:00 -07:00
snipe 017534bc07 Added deleted_at to license transformer 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-16 09:33:28 -08:00
snipe 5540069cce Be more specific with deleted license point 
Require this value to be "true" speciically to get the deleted list

Signed-off-by: snipe <snipe@snipe.net>
 2022-02-16 09:14:04 -08:00
snipe 1ad56760ce Adds delete endpoint for licenses 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-16 09:08:50 -08:00
Brady Wetherington 290baf1c8d refactor and clean up attribute-changing logic for assets 2022-02-15 18:29:45 -08:00
snipe f878e0ad66 Fixes 2FA cookie -> user issue 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-15 18:29:23 -08:00
snipe 178e440951 Added usleep :( 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-15 18:09:58 -08:00
snipe cab4fa1687 Fixes some conceptual gates 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-14 15:42:23 -08:00
snipe 4804e5b3ab Added Asset edit/delete gates to maintenances 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-14 15:34:06 -08:00
snipe d77a47765e Adds gate to supplier 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-13 11:53:45 -07:00
snipe d6b8222371 Refactor to combine permissions 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-11 12:48:30 -08:00
snipe 2c5abaaea4 Fixed copypasta 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-11 12:32:09 -08:00
snipe c1a0653847 Restrict to update or create gate methods for select lists 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-11 12:31:11 -08:00
snipe 9226c8292d Fixed typos in comments 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-11 12:02:14 -08:00
snipe 5fafa81dc1 Forgot components 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-11 11:57:29 -08:00
snipe b30d1dce89 Removed selectlist 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-11 11:55:24 -08:00
snipe 2dad27eed6 Added additional gate for selectlists 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-11 11:46:14 -08:00
snipe f5ffda8053 Ahem. 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-10 22:43:51 -08:00
snipe ed931ef0cd
Merge pull request #10654 from inietov/fixes/trying_to_get_property_checkin_email_of_non-object 
Fixes  ErrorException: Trying to get property 'checkin_email' of non-object [sc-17568]
 2022-02-10 12:23:50 -08:00
Ivan Nieto Vivanco bf4ee18123 Validates if model and model->category exist before return the checkin_email property 2022-02-10 11:58:55 -06:00
snipe 70af10ae6c
Merge pull request #10640 from JonathonReinhart/10552-add-checkin-api-date 
Fix #10552: Add checkin_at parameter to /hardware/:id/checkin API
 2022-02-10 09:54:20 -08:00
snipe b9a8d45c07 Better messaging 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-09 16:30:42 -08:00
snipe 7794c2f44b Check that the fieldset exists before trying to detach it from the fieldset 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-09 16:16:16 -08:00
snipe eedc14401a Switch to searching on semicolon instead of & 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-09 15:55:22 -08:00
snipe 4e14d70427 Added jobtitle to unescaper 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-09 15:50:44 -08:00
snipe 2a71690aaf Added license_name to unescaper 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-09 15:17:57 -08:00
snipe e4da00ca82 Catch potential validation errors on unescape tool 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-09 15:09:49 -08:00
snipe 4fd14e5859 Added slightly more output because wtf? 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-09 15:05:28 -08:00
snipe 441f1fbb64 Remove html_entities_decode restriction 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-09 14:56:36 -08:00
snipe d06e3dd892 Merge branch 'master' of https://github.com/snipe/snipe-it 2022-02-09 14:40:33 -08:00
snipe 6b25b53462
Merge pull request #10628 from inietov/fixes/default_values_dont_allow_checkbox_radio 
Fixes #10299 Default Values do not allow Checkbox/Radio Buttons
 2022-02-09 14:39:46 -08:00
Ivan Nieto Vivanco 6d79c9f3e2 Save the default values for custom fields with same format than Assets do for actual values 2022-02-09 13:41:33 -06:00
Ivan Nieto Vivanco a36957dd77 Finish the implementation of custom fields default values for checkboxes 2022-02-09 13:12:42 -06:00
Ivan Nieto Vivanco 2f3499e4b9 Show checkboxes a little less assy, actually save the data checked by them 2022-02-09 10:49:10 -06:00
Jonathon Reinhart 3536d08477 Add checkin_at parameter to /hardware/:id/checkin API 
Fixes #10552
 2022-02-08 20:23:09 -05:00
Brady Wetherington 9a66f6a254 Remove extraneous backslash 2022-02-08 12:09:40 -08:00
Brady Wetherington 5e94726ec1 Properly alert when invalid JSON is submitted to something that wants JSON 2022-02-08 12:05:05 -08:00
Ivan Nieto Vivanco 413e44be2f Add custom date to checkin actionlogs and show it in the history of the asset tab 2022-02-08 11:58:23 -06:00
Jonathon Reinhart cd963179fd Fix /hardware/{id}/checkin API response on error 
Fixes #10629
 2022-02-08 01:08:42 -05:00
snipe 474f24e40e Merge branch 'master' of https://github.com/snipe/snipe-it 2022-02-07 18:27:59 -08:00
snipe b3a0f86431 Temp fix for weird JSON format in history 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-07 18:27:55 -08:00
Brady Wetherington f1d4087317 Fix "secure hostnames" feature for subdirectory-based Snipe-IT installs 2022-02-07 11:26:54 -08:00
Brady Wetherington 36ae6f9430 Yanked debugging code, tightened up comments. 2022-02-03 19:41:16 -08:00
Brady Wetherington 1945b97b72 Just trying to really tighten up on the LDAP Active Flag and how we parse it. 2022-02-03 19:04:56 -08:00
Brady Wetherington 392e61688d Rework the LDAP sync command to better handle the active flag 2022-02-03 15:01:45 -08:00
snipe ac5c6123bc Fixes #10563 - LDAP active flag - hopefully? 
Signed-off-by: snipe <snipe@snipe.net>
 2022-02-02 18:07:34 -08:00
Ivan Nieto Vivanco eac8e0bdba Add a casting to a truthy/falsy that needs to be integer 2022-02-02 13:54:57 -06:00
Ivan Nieto Vivanco 2fec40d7df Adds actionlog for bulk edits 2022-02-01 00:00:12 -06:00
snipe aa3aa78204 Adds Lookup Asset by Custom Field via API [sc-18632] 
Signed-off-by: snipe <snipe@snipe.net>
 2022-01-28 09:08:48 -08:00
snipe db0a078c0b
Merge pull request #10573 from uberbrady/fix_force_root_url 
Add some guardrails around very-badly formatted APP_URL settings
 2022-01-27 11:29:29 -08:00
Brady Wetherington 1cf1278b3b Fix whitespace issues 2022-01-27 11:28:51 -08:00
Brady Wetherington 70648dedd3 Add some guardrails around very-badly formatted APP_URL settings 2022-01-27 11:21:46 -08:00
snipe 9634dde0dd
Merge pull request #10567 from inietov/fixes/importing_and_checking_out_licenses_master 
Fixes Importing licenses without product key duplicates the license
 2022-01-27 10:58:06 -08:00
snipe c70ae19c28
Merge pull request #10529 from uberbrady/fix_insecure_host_headers 
Force UrlGenerator's Root URL to be the base of APP_URL unless overriden (v5)
 2022-01-26 16:59:55 -08:00
Ivan Nieto Vivanco 55fdc86e02 Tweak query in the License Importer to not require a Product Key 2022-01-26 17:51:04 -06:00
Ivan Nieto Vivanco 1fc71a4111 Add Zip field in the User Importer 2022-01-19 13:35:54 -06:00
Brady Wetherington 0c4768fd2a Force UrlGenerator's Root URL to be the base of APP_URL unless overriden 
(For v5)
 2022-01-18 15:52:59 -08:00
Ivan Nieto Vivanco a05795420a Respect the default value of 60 days in expiring licenses 2022-01-18 14:34:14 -06:00
Ivan Nieto Vivanco 42d86bf57b Adds default values if the expiring alerts threshold is null 2022-01-18 14:21:49 -06:00
Ivan Nieto Vivanco f510b9c2a9 Add query to filter non-deprecable assets when the Depreciation Report is called 2022-01-15 14:21:31 -06:00
Ivan Nieto Vivanco 153c30eda8 Add to Importer the capacity to search Models only with Model Name since Model Number is not required 2022-01-15 04:32:47 -06:00
snipe be7e6ed847
Merge pull request #10502 from uberbrady/ldap_useraccountcontrol_dont_req_preauth 
Add new UserAccountControl to permitted UAC's for AD.
 2022-01-13 17:01:47 -08:00
snipe 984db1ef44 Apply personal API token fix to master 
Signed-off-by: snipe <snipe@snipe.net>
 2022-01-13 01:39:56 -08:00
Brady Wetherington c8fe929e09 Add new UserAccountControl to permitted UAC's for AD. 2022-01-12 12:07:51 -08:00
Haxatron bb095641c2
Update BulkAssetModelsController.php 
https://huntr.dev/bounties/efdf2ead-f9d1-4767-9f02-d11f762d15e7
 2022-01-06 09:50:11 +08:00
snipe 884b6b0270 Fixes format property on invalid custom field object 
Signed-off-by: snipe <snipe@snipe.net>
 2022-01-03 19:14:50 -08:00
snipe 2ee84c2675 Added a few more comments 
Signed-off-by: snipe <snipe@snipe.net>
 2021-12-30 18:33:28 -08:00
snipe c6ce928567 Added allow list to modal view options 
Signed-off-by: snipe <snipe@snipe.net>
 2021-12-30 18:16:49 -08:00
snipe b4fac3e4ae Fixed missing index for fieldsets 
Signed-off-by: snipe <snipe@snipe.net>
 2021-12-30 13:16:44 -08:00
snipe bad6b862ca assets_count doesnt exist as a column 
Signed-off-by: snipe <snipe@snipe.net>
 2021-12-30 12:59:16 -08:00
snipe 8588e9ebf1 Fixed #10469 - increased size of supplier address field 
Signed-off-by: snipe <snipe@snipe.net>
 2021-12-27 12:28:02 -08:00
Alex Janes d0bfd8dfd2 Fixed the collection of the groups total to GroupsTransformer.php. Groups page should now paginate correctly. 2021-12-23 20:54:34 -05:00
snipe 9b2dd6522f Switch GET to POST for asset request 
Signed-off-by: snipe <snipe@snipe.net>
 2021-12-16 20:36:08 -08:00
Bradley Coudriet dbdc1c7f3f
Update SettingsController.php to save Slack Settings 
This goes with #10438 that I just submitted about Slack Settings not saving.

This adds the necessary code to actually save the Slack Settings,
As they are already validated by the SlackSettingsRequest, this seems like an easy and low-impact fix.
 2021-12-15 10:38:51 -05:00
Ivan Nieto Vivanco c80aa2a289 Add title column to custom reports 2021-12-14 12:05:33 -06:00
snipe 25e2e7ecc6
Merge pull request #10418 from inietov/fixes/bulk_edit_count_more_users_than_selected 
Fixes bulk edit message counts more users than the actual selected users number
 2021-12-13 14:13:14 -08:00
snipe 9d5d1a9f9a Added escape to assigned_to API response 
Signed-off-by: snipe <snipe@snipe.net>
 2021-12-13 12:03:03 -08:00
Ivan Nieto Vivanco a419a690d4 Add a variable to better control the selected user's ids 2021-12-11 18:01:38 -06:00
Brady Wetherington acfb41f129 Remove 'actionlog' from the ::with() clause in the asset query API 2021-12-10 18:42:56 -08:00
Haxatron 1699c09758
Update AssetModelsController.php 2021-12-09 21:42:18 +08:00
Haxatron 918e7c8dae
Fix access control - https://huntr.dev/bounties/19453ef1-4d77-4cff-b7e8-1bc8f3af0862/ 2021-12-09 12:57:04 +08:00
snipe 86afe6c4b1 Cleanup slack validation 
Signed-off-by: snipe <snipe@snipe.net>
 2021-12-08 18:03:56 -08:00
snipe ff97b359ad Removed form request on ajax, cleaned up some other things 
Signed-off-by: snipe <snipe@snipe.net>
 2021-12-08 17:58:46 -08:00
snipe 81b66d0039 Change validation failure to 422 to make it consistent with Laravel's default 
Signed-off-by: snipe <snipe@snipe.net>
 2021-12-08 17:54:35 -08:00
snipe 8fa690b635 Reverting form request because it doesn't seem to work (????!!) 
Signed-off-by: snipe <snipe@snipe.net>
 2021-12-08 17:54:15 -08:00
snipe 8c1cd87831 Added slacksettingsrequest as use statement 
Signed-off-by: snipe <snipe@snipe.net>
 2021-12-08 15:56:22 -08:00
snipe 80d36cd72b Added slack settings request 
Signed-off-by: snipe <snipe@snipe.net>
 2021-12-08 15:53:05 -08:00
snipe ff81e6d536
Merge pull request #10361 from snipe/fixes/xss_in_accessories_checkout_notes 
Escape notes in transformCheckedOutAccessory
 2021-11-24 19:56:36 -08:00
snipe 00fad35c2a Escape notes in transformCheckedOutAccessory 
Signed-off-by: snipe <snipe@snipe.net>
 2021-11-24 19:54:45 -08:00
snipe 3debe78574
Merge pull request #10350 from inietov/fixes/trim_custom_fields_names 
Apply trim() function when storing Custom Fields names
 2021-11-24 19:42:04 -08:00
snipe 830d07f84f Removed escaping on input save for asset checkout on creation 
Signed-off-by: snipe <snipe@snipe.net>
 2021-11-24 19:19:32 -08:00