Commit graph

628 commits

Author SHA1 Message Date
snipe 4f2439ae1c Add Passport API token generator 2016-12-14 10:53:01 -08:00
snipe 25f60264bd Passport scaffolding 2016-12-14 10:06:05 -08:00
snipe 91fe136fd3 More nullables 2016-12-14 09:58:12 -08:00
snipe 37c847ea08 Clearer/updated/named custom fields routes
This is still broken
2016-12-14 09:56:23 -08:00
snipe 37f93a2861 Better validation using nullable 2016-12-14 09:55:45 -08:00
snipe 7c774352e5 Fix depreciated lists() method 2016-12-14 09:55:35 -08:00
snipe 863e200430 Hopefully fixes tons of PEBKAC where users have the wrong app.url 2016-12-14 08:20:05 -08:00
snipe 8e5977ad84 Updated maintenance views 2016-12-14 07:56:01 -08:00
snipe 68ac4abe2c Updated throttling override for 5.3 2016-12-14 06:30:51 -08:00
snipe 433adb1dcb Updated traits and method names for 5.3 2016-12-14 05:06:51 -08:00
snipe 5cd7e84d98 Renamed Password controllers to new 5.3 versions 2016-12-14 05:06:15 -08:00
snipe b83f73f7d6 Updated providers for 5.3 2016-12-14 04:32:24 -08:00
snipe 8ca5c6c25e Moved routes to new new routes files for 5.3 2016-12-14 04:32:10 -08:00
snipe f0dd4c5a97 Remove middleware for checking for maintenance
This is (mostly) a built-in feature in Laravel 5.3
2016-12-14 04:31:19 -08:00
snipe 65db55908a Rename to AuthController to LoginController 2016-12-14 04:30:56 -08:00
snipe ae66bba0f1 Fixes #3015 - increase size of state field in suppliers 2016-12-07 17:50:20 -08:00
snipe e7ac860f77 Supress error if pagination isn’t set up on the server 2016-12-07 17:07:48 -08:00
Daniel Meltzer 927a12f78d Fix #2985. Missed in the field rename (#3014) 2016-12-05 15:09:14 -08:00
Brady Wetherington 6f9a82f4ea On a succesful LDAP user-creation, we should return the $user, not (#3008)
just 'true'.
2016-12-01 15:54:13 -08:00
snipe 1be22cf051 Improved versioning script 2016-12-01 02:53:41 -08:00
snipe 7ccef51a4f Removed some dumb comments 2016-12-01 02:25:53 -08:00
snipe 4c418bf622 Remove unused $request variable 2016-12-01 02:13:00 -08:00
snipe 16cfdbaa93 Redirect the lost password success back to login 2016-12-01 02:04:43 -08:00
snipe 3f8f6ad981 Fixes #2995 - adds max login attempts/duration as .env option 2016-12-01 02:04:15 -08:00
snipe d8d800bb7a Fixes #2997 - don’t include soft-deleted maintenances 2016-12-01 00:55:00 -08:00
snipe 5bca1ed2b6 Allow supression of debug warning for demo 2016-12-01 00:48:43 -08:00
snipe 68b9ffb908 Only allow login via LDAP if the user was already imported or created via LDAP 2016-12-01 00:29:45 -08:00
snipe 6c366eb112 Fixes potential login issue if password syncing is set to true 2016-11-30 20:39:43 -08:00
snipe 820d37cabb Custom logging to only show debug info if the app is in debug mode
or if the user has overridden the APP_LOG_LEVEL in their env
2016-11-30 20:38:46 -08:00
snipe ce056c39e5 Removed requirement for serial number
Some folks will use a license file instead
2016-11-29 14:06:33 -08:00
snipe b6ffb8b3df Protect edit route as well 2016-11-29 13:40:00 -08:00
snipe f5e100a6a5 Only allow asset files to be deleted, maintenances to be added if user has assets.edit permission 2016-11-29 13:37:45 -08:00
snipe abcc01f5e0 More language string corrections 2016-11-29 12:48:00 -08:00
snipe 4dbe8fad30 More language string fixes 2016-11-29 08:46:33 -08:00
snipe 7bf1664b8f Allow XML mimetypes 2016-11-29 08:01:08 -08:00
snipe b0d8711002 Add .lic as possible license file type 2016-11-29 07:22:45 -08:00
snipe 53404f3d1c Fixes asset model clone 2016-11-29 06:16:52 -08:00
snipe f605821143 Remove unneeded use statements 2016-11-29 06:14:33 -08:00
snipe cab331f3f8 Link model name in category view 2016-11-29 06:14:20 -08:00
snipe eb340b0fa9 Add fieldset to asset model listing 2016-11-29 06:06:52 -08:00
snipe 3acc4065ce Merge branch 'develop' of github.com:snipe/snipe-it into develop 2016-11-29 05:19:24 -08:00
snipe 2ce67e9443 Derp. 2016-11-29 05:19:18 -08:00
Daniel Meltzer 263f19bdad Fix error in partializing with creating an asset maintenance. (#2987) 2016-11-29 05:02:48 -08:00
snipe 4fc88f673d Only check if table exists if there is not a value for the static cache yet 2016-11-29 05:02:14 -08:00
snipe dbb2b62223 Fixed cranky Codacy result 2016-11-29 01:44:24 -08:00
snipe 2603488bd6 Removed settings middlware
(Already handled via AppServiceProvider)
2016-11-29 01:19:52 -08:00
snipe 81a0e06c40 Automatically log the user in after user creation 2016-11-29 01:19:25 -08:00
snipe 0d6b160b61 Fix mail test script 2016-11-29 01:19:05 -08:00
snipe 16a24b7fb8 Use getSettings() to check for locale to take advantage of cached value 2016-11-29 00:21:58 -08:00
snipe ba23952852 Add red banner if app is in production mode and debugging is turned on 2016-11-29 00:08:20 -08:00
snipe 4c08331c9d Get settings in middleware, makr available in views 2016-11-28 22:53:16 -08:00
snipe cc943e22db Fixes #2970
Should probably override this later using the global settings variable
2016-11-28 22:38:11 -08:00
Daniel Meltzer 3592bdb2e1 Assocate a locations asset with User, not log. (#2973)
This fixes an issue where locations could not be deleted if at any point
they had an associated log entry.  Fixes #2916
2016-11-24 12:48:22 -08:00
Daniel Meltzer b8cbf0022e Log fixes (#2972)
* Make sure we set target_type when creating an accept asset log, and add a migration to fix older ones.

* On a declined log, we don't have an assigned user.

 Guard against this conditional (which realistically should never be hit?)
Should fix #2940

* Fix codacy issues with migration.
2016-11-24 12:48:14 -08:00
Brady Wetherington dd3718489a Attempt to fix #2961. Also inadvertently added the ability to rename (#2974)
and delete custom fields, as well. Bonus!
2016-11-24 12:48:03 -08:00
snipe 45c789021e Add employee number option to custom report 2016-11-23 05:17:54 -08:00
snipe 54dec2147c Merge branch 'develop' of github.com:snipe/snipe-it into develop 2016-11-21 18:40:38 -08:00
snipe bc84f80e20 Check if sig_filename exists 2016-11-21 18:40:26 -08:00
Daniel Meltzer ac9fd3b3bb Update LicensesController.php (#2948)
* Update LicensesController.php

Should fix #2939.  Cannot test at the moment, so please check :)

* Add delete tests.  Improve test item generation.

* Add relationship here.

* Fix some issues with seeding.
2016-11-20 19:59:57 -08:00
snipe d8eb68af83 Merge branch 'hotfixes/accessory_model_number' into develop
# Conflicts:
#	resources/views/accessories/edit.blade.php
2016-11-17 20:01:01 -08:00
snipe d0d9d82579 Add model number to accessories 2016-11-17 19:57:53 -08:00
Daniel Meltzer 55ccc000eb Fix loggable checkin (#2935)
* Log the user items are checked in from

This restores functionality that was lost in the port to loggable.
I'd still like to figure out a better term for the table, currently it says to, but I wonder if target is a better choice?

* Fix display of remaining seats on license view
2016-11-17 15:54:29 -08:00
Daniel Meltzer d722ed3823 Partialize forms (#2884)
* Consolidate edit form elements into reusable partials.

This is a large code change that doesn't do much immediately.  It
refactors all of the various edit.blade.php files to reference
standardized partials, so that they all reference the same base html
layout. This has the side effect of moving everything to the new fancy
"required" indicators, and making things look consistent.

In addition, I've gone ahead and renamed a few database fields.  We had
Assetmodel::modelno and Consumable::model_no, I've renamed both to
model_number.  We had items using ::note and ::notes, I've standardized
on ::notes.  Component used total_qty where consumables and accessories
used qty, so I've moved everything to qty (And fixed a few bugs in the
helper file in the process.

TODO includes looking at how/where to place the modal javascripts to
allow for on the fly creation from all places, rather than just the
asset page.

Rename assetmodel::modelno to model_number for clarity and consistency

Rename consumable::model_no to model_number for clarity and consistency

Rename assetmodel::note to notes for clarity and consistency

Port asset and assetmodel to new partials layout.  Adapt all code to the renamed model_number and notes database changes.  Fix some stying.

* Share a settings variable with all views.

* Allow editing the per_page setting.  We showed the value, but we never showed it on the edit page..

* use snipeSettings in all views instead of the long ugly path.

* War on partials. Centralize all bootstrap table javascript

* Use model_number instead of modelno in importer

* Codacy fix.

* More unification/deduplication.  Create an edit form template layout that we use as the base for all edit forms.  This gives the same interface for editing everything and makes the edit.blade.* files much easier to read.

* Use a ViewComposer instead of sharing the variable directly.  Fixes artisan optimize trying to hit the db--which ruins new installs

* Fix DB seeder.

* Base sql dump and csv's to import data from for tests.

* Start some functional tests for creating items.

* Add functional tests for all create methods.  Still need to do tests for edits, deletes, and lots of other things

* Improvements to functional tests.

Use the built in DB seeding mechanism instead of doing it ourselves.
Break the tests into multiple units, rather than testing everything in
each function.

* Some improvements to acceptance tests.

Make sure we're only looking at the "trs" within the bootstrap table.
Creation of assets is now tested at the functional level (and is faster)
so ignore it here.

I'm testing acceptance tests with the
IMPORT_{ASSETS,ACCESSORIES,CONSUMABLES}.csv in the tests/_data folder
imported.

* A few things to make acceptance tests work.  Add a name to the companies table, and make the locations table have the correct name

* Use a .env.tests file for testing functional and unit to allow a separate database.

* Add functional tests for compoents, groups, and licenses.

* Now that the config is in the functional.yml, this just confuses things.

* Start some functional tests for creating items.

* Add functional tests for all create methods.  Still need to do tests for edits, deletes, and lots of other things

* Improvements to functional tests.

Use the built in DB seeding mechanism instead of doing it ourselves.
Break the tests into multiple units, rather than testing everything in
each function.

* Some improvements to acceptance tests.

Make sure we're only looking at the "trs" within the bootstrap table.
Creation of assets is now tested at the functional level (and is faster)
so ignore it here.

I'm testing acceptance tests with the
IMPORT_{ASSETS,ACCESSORIES,CONSUMABLES}.csv in the tests/_data folder
imported.

* update db dump

* Update tests to new reality

* env for the test setup

* only load the database at beginning of tests, not between each Functional test.

* Fix a miss from renaming note to notes.

* Set Termination date when creating an asset.  It was only set on edit.

* Rename serial_number to serial in components for consistency.

* Update validation rules to match limits in database.  Currently we just accepted the values and they were truncated when adding to DB.

* Much more detailed functional testing of creating items.  This checks to make sure all values on form have been successfully persisted to database.
2016-11-16 16:56:57 -08:00
snipe 84e06f4642 Add postal code to locations listing 2016-11-16 08:22:54 -08:00
snipe 37a6599978 Adds expected checkin to custom reports 2016-11-15 01:55:27 -08:00
snipe cbabcb9197 Fixes #2875 - use leftJoin so as to not filter out unassigned assets when sorting by assigned 2016-11-11 20:50:10 -08:00
snipe 369715b7c7 Starter text search scope for activity report
(This will be messy)
2016-11-11 20:30:26 -08:00
snipe b854689d3d Urlencode username in case it has spaces 2016-11-11 20:09:22 -08:00
snipe 1543c03624 Removed stray foo 2016-11-11 20:09:07 -08:00
snipe 7667fca691 Fixes #2894 - set whether or not the user was originally a superuser 2016-11-11 19:48:39 -08:00
snipe 9db28cf6d6 Fixed dumb indenting 2016-11-11 19:46:25 -08:00
snipe 2ddee9b44c Fixes #2906 - adds manufacturer searching to licenses 2016-11-11 19:46:18 -08:00
snipe 2f05b83e0b Fixes #2912 - Reordering of custom fields now saving correctly 2016-11-11 18:33:59 -08:00
Daniel Meltzer f4fc783026 Check for setup to have completed before running the 2fa middleware. Otherwise new installs fail (#2885) 2016-11-06 18:08:13 +01:00
snipe 4747a4c03f Added urlencode to site name 2016-10-31 22:34:57 -07:00
snipe a914dacf8e Adds drawn signature to asset acceptance (#2846)
* Adds digital signature to asset acceptance

This is still a little broken - the history is displaying “Deleted user”, since there is no item type listed. Saving the item_type as App\Models\User tries to update accepted on the users table, which obviously doesn’t exist.

* Use asset facade for folks in subdirs

* Possible fix for weird accepted/declined display

* Display signature in modal popup if sigs are required

* Wrap that display file in auth middleware, just to be sure.

It shoudl fail if you’re not authorized since you’re not logged in, but better safe than sorry

* Fixed header section of layout

* Removed extra drop from migration rollback
2016-10-31 21:00:30 -07:00
snipe a182d8c924 Fixes #1348 - LDAP sync in artisan command
TODO:

Make the LDAP sync page work using this command to avoid code duplication
2016-10-31 20:59:46 -07:00
snipe 6400557901 Check if the edited users permissioms are superuser before edit 2016-10-31 19:37:24 -07:00
snipe 3dac20c20f Unset superadmin by non-superadmins on user create 2016-10-31 19:08:24 -07:00
snipe 429afc6b3f Only save user permissions if the user is a superadmin 2016-10-31 19:07:55 -07:00
snipe 8323ed27c2 Do not makes group editable if the user is not an admin
This fixes a bug where the field was (correctly) disabled if the editing user isn’t a superadmin, but because the field was disabled, it would clear the permission groups.
2016-10-31 18:57:35 -07:00
snipe c47d391946 Feature - allow search on group names 2016-10-31 18:27:34 -07:00
snipe a4ae3b0091 Show whether device is enabled and/or 2FA is active 2016-10-31 17:16:26 -07:00
snipe cbfcf959f9 Allow certain users to override 2FA with permission 2016-10-31 16:52:25 -07:00
snipe e065d18227 Possible fix for integer weird typing 2016-10-31 13:50:00 -07:00
Frank 10ea5daabd Harden PragmaRX secret to 32 bytes (#2859)
This is needed at all but that extra security is always good.
2016-10-31 11:20:31 -07:00
snipe dce5afde78 Use config URL for links in user list 2016-10-29 07:33:33 -07:00
snipe 38b188f6ff Fixes #2448 - redirect to intended page 2016-10-29 07:32:48 -07:00
snipe fe041b66c6 Adds two-factor to users listing 2016-10-29 07:21:34 -07:00
snipe 2fe71f3ebc Fixes #2833 - changed minimum qty to 0 2016-10-29 06:08:13 -07:00
snipe 408aab112b Removed unneeded else 2016-10-29 06:06:32 -07:00
snipe cea255995c Fixes #106 - adds Google Authenticator support (#2842)
* refactor to clean up LDAP login, and make the login method easier to handle.

* Login refactor cleanup

* Google 2FA package

* Adds Google Authenticator two-factor

* Removed unused blade

* Added optin setting in profile

* Removed dumb comments

* Made lock_passwords check more consistent

* Additional two factor strings

* Lock passwords check

* Display feature disabled text if in demo mode

* Two factor admin reset options

* Translation strings
2016-10-29 05:50:55 -07:00
Daniel Meltzer 3a8edfdf58 Eager load many more things. Fixes a lot of n+1 queries in ajax/bootstrap tables requests (#2832) 2016-10-28 14:15:13 -07:00
snipe a929b635ff Fixes #2809 - adds serial number to components 2016-10-27 15:33:48 -07:00
snipe 3e701c6dd1 Fixes #2814 - adds job title to users listing display 2016-10-27 14:29:07 -07:00
snipe e4140f4c48 Fixes #2817 - adds EOL to custom report 2016-10-27 14:20:55 -07:00
snipe 691f9b621e Fixes #2821 2016-10-26 11:27:37 -07:00
Daniel Meltzer a418dece80 Better checking for empty values when updating. (#2811)
* Better checking for empty values when updating.  There's a lot of conditionals in here that we may want to look at cleaning up over time

* Fix typo.  No manfacturers here.

* Fix model update/import.  Also hardcode the status id of unset assets to the first existing one instead of an id that may not exist... Still not ideal, but better.

* Let requests to .env through the middleware.  We check to see if this is readable during setup as a warning, and as it stands it triggers an infinite loop trying to hit the file.
2016-10-25 19:51:13 -07:00
snipe f30631efb6 Fixed parens on target 2016-10-25 12:53:07 -07:00
snipe 66585bcc40 Merge branch 'hotfixes/eagerload_license_checkout' into develop 2016-10-25 11:12:32 -07:00