* adds permission checks to custom fields
* adds permission checks to custom fieldsets
* adds separate permissions for custom fieldsets
* check for permissions in views
* Removes custom fieldsets from permissions config
* Proxy the authorization for custom fieldsets down to custom fields.
This allows us to use the existing permissions in use and have more semantically correct authorization checks for custom fieldsets.
* simplifies the authorization check for the custom fields overview
* removes special handling of custom fieldsets in base policy
I just realised that this code duplicates the logic from the custom fieldset policy.
Since we are checking for the authorization of custom fields anyway, we can just use the columnName for the fields.
* cleanup of unused imports
* WIP - beginning of improved requested assets
- Use Ajax tables for faster loading
- Use new notifications for requesting an asset
TODO:
- Use ajax tables for requestable asset models
- Use new notifications for canceling an asset request
- Expire requests once the asset has been checked out to the requesting user
* Only show asset name in email if it has one
* Refactor requested method to only include non-canceled requests
* Refactored requestable assets to log request and cancelation
* Added softdeletes on checkout requests
* Differentiate between canceling and deleting requests
* Added asset request cancelation notification
* Added timestamps and corrected unique key on requests table
* Improved requests view
* Re-use blade for cancel/request email
* Refactored BS table formatter for requested assets
* Location name min reduced to 2
* Added PAT test as maintenance option
This needs to be refactored into database-driven options with a UI
* Better slack message
* Added getImageUrl method for assets
* Include qty in request notifications
TODO:
- Try to pull requested info from original request for cancelation, otherwise it will default to 1
* Removed old asset request/cancel emails
* Added user profile asset request routes
* Added profile controller requested assets method
* Added blade link to requested assets for profile view
* Sort user history desc
* Added requested assets blade
* Added canceled at to checkoutRequest method
* Include qty in request
* Fixed comment, removed allowed_columns
* Removed Queable methods, since we don’t use a queue
* Fixed return type in method doc
* Fixed version number
* Changed id to user_id for clarity
* Add Authorizable trait and interface to our user model so we have access to User::can/User::cant. We should take a look at where else our user model has diverged from Larvel since it was created...
* Policy cleanup/fixes.
This commit adds policies for the missing backend/"settings" areas. The
permissions were implemented a while back but the policies did not, so
authorizing actions was failing.
In addition, this condenses a lot of code in the policies into base
classes. Most of the files were identical except for table names, so we
move all of the checks into a base class and override the table name in
each policy.
* Use a better name and permission for the check in the default layout.
* Add laravel routes to javascript
This will clean up a lot of passing of urls. Adds a route() helper and
everything...
This commit also moves the customfield fetching to only be fetched once
and shared with each file, rather than once for each file.
* Try to fix travis unit test things.
* Downgrade doctrine/inflector for php5
* Attempt to occasional seeder issues on travis if the asset does not generate validatable data.
* Update sql dump for functional tests.
* Try to fix api tests.
* Fix some n+1 problems
* Use route in notification dropdown to make sure we link to correct page
* Work on better UI support for checkout to non-user. Fix links on index bootstrap table, work towards eliminating assignedUser
* Remove Asset::assigneduser() relationship. Instead add a checkedOutToUser() method and/or port to using assignedTo()
* Adjust string to fit new reality
* Fix#3780. Move the consumables getDataView method to the ApiController. Not entirely RESTful, but it's a weird method that probably doesn't need its own controller and the functionality would be strange to stack on the userscontroller...
* Fix file uploads to assets and restore the delete route.
* Add asset maintence edit action to index.
* Suppliers asset list should link to the related asset, not to the supplier with same ID.
* Asset models page should use polymorphic formatter on assigned to to better handle assorted item types.
* Comment out more assigneduser fallacy until we figure out the query builder approach to searching for location text.
The solve here was a few things - first, load jquery-ui before bootstrap. They have conflicting tooltips. Second, initiate the tooltips in the wenzhixin/bootstrap-table formatter using `data-tooltip=“true”`, and thirdly, add some JS that tells BS table to inititalize tooltips within the table using that `data-tooltip=“true”` business
* Move importer to an inline-template, allows for translations and easier passing of data from laravel to vue.
* Pull the modal out into a dedicated partial, move importer to views/importer.
* Add document of CSV->importer mappings. Reorganize some code.
Progress.
* Add header_row and first_row to imports table, and process upon uploading a file
* Use an expandable table row instead of a modal for import processing. This should allow for field mapping interaction easier.
* Fix import processing after moving method.
* Frontend importer mapping improvements.
Invert display so we show found columns and allow users to select an
importer field to map to. Also implement sample data based on first row
of csv.
* Update select2. Maintain selected items properly.
* Backend support for importing. Only works on the web importer currently. Definitely needs testing and polish.
* We no longer use vue-modal plugin.
* Add a column to track field mappings to the imports table.
* Cleanup/rename methods+refactor
* Save field mappings and import type when attempting an import, and repopulate these values when returning to the page.
* Update debugbar to fix a bug in the debugbar code.
* Fix asset tag detection.
Also rename findMatch to be a bit clearer as to what it does.
Remove logging to file of imports for http imports because
it eats an incredible amouint of memory.
This commit also moves imports out of the hardware namespace and into
their own webcontroller and route prefix, remove dead code from
AssetController as a result.
* Dynamically limit options for select2 based on import type selected, and group them by item type.
* Add user importer.
Still need to implement emailing of passwords to new users, and probably
test a bit more.
This also bumps the memory limit for web imports up as well, I need to
profile memory usage here before too long.
* Query the db to find user matches rather than search the array. Performance is much much better.
* Speed/memory improvements in importers.
Move to querying the db rather than maintaining an array for all
importers. Also only store the id of items when we import, rather than
the full model. It saves a decent amount of memory.
* Remove grouping of items in select2
With the values being set dynamically, the grouping is redundant. It
also caused a regression with automatically guessing/matching field
names. This is starting to get close.
* Remove debug line on every create.
* Switch migration to be text field instead of json field for compatibility with older mysql/mariadb
* Fix asset import regression matching email address.
* Rearrange travis order in attempt to fix null settings.
* Use auth::id instead of fetching it off the user. Fixes a null object reference during seeding.
* Fix maintenances create button, and post to the proper route in maintences edit
* Fix consumable tab when active.
* Fix an html formatting error that resulted in us not closing a form. This would cause the checkin page to try to submit a delete request (related to the modal form) rather than the desired checkin request. Also fix formatting in this file.
* Use log mail driver for testing, should fix the functional issue. Disable acceptance tests on travis for now.
* Fix Category edit page.
* EOL Can be null.
* Add presenters for models. Move bootstrap table JSON generation to these presenters, which cleans up controllers a lot. Move view specific modifications from the models to the presenters as well.
* Fix some issues found by travis and codacy
* Fix a few more issues found while testing.
* Attempt another acceptance test fix
* Try something else
* Maybe..
* Make delete routes work. We put a little form in the modal that spoofs the delete field.
* Fix route on creating a user.
* Fix redundant id parameter.
* Port acceptance tests to new urls.
* Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future.
* This needs to stay for the dashboard checks.
* Add user states for permissions to build tests.
* Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider
* Migrate various locations to new syntax. Update test to be more specific
* Fix functional tests.
Add an artisan command for installing a settings setup on travis-ci
* Try a different id... Need to come up with a better way of passing the id for tests that need an existing one.
* Try to fix travis
* Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.:
* Add a environment for travis functional tests.
* Adjust config file to make travis use it.
* Use redirect()->route instead of redirect()-to
* Dump all failures in the output directory if travis fails.
* Cleanups and minor fixes.
* Adjust the supplier modelfactory to comply with new validation restrictions.
* Some test fixes.
* Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation
* Update test database dump to latest migrations.
* Make delete routes work. We put a little form in the modal that spoofs the delete field.
* Fix route on creating a user.
* Fix redundant id parameter.
* Port acceptance tests to new urls.