snipe
345a4306e8
Added SubstituteBindings
...
Signed-off-by: snipe <snipe@snipe.net>
2024-07-17 23:02:10 +01:00
Brady Wetherington
4654f7aa37
Porting Snipe-IT v7 to Laravel v10
2023-07-31 14:07:12 +01:00
Brady Wetherington
645bba96cd
WIP: First stabs at getting Laravel Vite to work; no luck so far :(
...
Probably going to back out all the 'vite' stuff anyways :/
2023-02-21 19:35:37 -08:00
snipe
6fde72a693
Log user out of other devices when they change their password
...
Signed-off-by: snipe <snipe@snipe.net>
2022-08-25 12:24:26 -07:00
snipe
9aac1cbba4
Merge branch 'master' into rcs/merge_master_into_develop_for_rc_8
...
Signed-off-by: snipe <snipe@snipe.net>
# Conflicts:
# README.md
# app/Console/Commands/MoveUploadsToNewDisk.php
# app/Http/Controllers/ActionlogController.php
# app/Http/Controllers/Api/LicensesController.php
# app/Http/Controllers/Api/StatuslabelsController.php
# app/Http/Controllers/Assets/AssetCheckinController.php
# app/Http/Controllers/Licenses/LicensesController.php
# app/Http/Controllers/Users/BulkUsersController.php
# app/Http/Requests/AssetCheckoutRequest.php
# app/Importer/LicenseImporter.php
# app/Models/Actionlog.php
# app/Models/License.php
# app/Models/User.php
# app/Observers/AssetObserver.php
# composer.lock
# config/version.php
# database/factories/LicenseFactory.php
# database/migrations/2015_09_21_235926_create_custom_field_custom_fieldset.php
# database/migrations/2018_10_18_191228_add_kits_licenses_table.php
# database/migrations/2018_10_19_153910_add_kits_table.php
# database/migrations/2018_10_19_154013_add_kits_models_table.php
# database/migrations/2019_02_07_185953_add_kits_consumables_table.php
# database/migrations/2019_02_07_190030_add_kits_accessories_table.php
# package-lock.json
# package.json
# public/css/dist/all.css
# public/css/dist/bootstrap-table.css
# public/js/dist/bootstrap-table.js
# public/mix-manifest.json
# resources/lang/ar/general.php
# resources/lang/ar/passwords.php
# resources/lang/cs/general.php
# resources/lang/cs/passwords.php
# resources/lang/de/admin/custom_fields/general.php
# resources/lang/de/admin/settings/general.php
# resources/lang/de/admin/settings/message.php
# resources/lang/fr/admin/custom_fields/general.php
# resources/lang/fr/admin/hardware/general.php
# resources/lang/fr/admin/locations/table.php
# resources/lang/fr/admin/settings/message.php
# resources/lang/hu/admin/custom_fields/general.php
# resources/lang/hu/admin/settings/general.php
# resources/lang/hu/general.php
# resources/lang/it/admin/settings/general.php
# resources/lang/nl/admin/custom_fields/general.php
# resources/lang/nl/admin/settings/general.php
# resources/lang/nl/general.php
# resources/lang/pl/admin/custom_fields/general.php
# resources/lang/sv-SE/passwords.php
# resources/lang/tr/general.php
# resources/views/hardware/view.blade.php
# resources/views/partials/bootstrap-table.blade.php
# resources/views/reports/activity.blade.php
# resources/views/users/print.blade.php
2022-04-28 17:49:06 +01:00
snipe
bdabbbd4e9
Logout user when their activated status is switched to off
...
Signed-off-by: snipe <snipe@snipe.net>
2022-03-29 13:44:53 +01:00
snipe
b876d0abb0
Merge remote-tracking branch 'origin/master' into develop
...
Signed-off-by: snipe <snipe@snipe.net>
# Conflicts:
# .env.example
# app/Http/Controllers/Auth/LoginController.php
# app/Http/Kernel.php
# app/Http/Transformers/ActionlogsTransformer.php
# app/Importer/AssetImporter.php
# app/Models/Accessory.php
# app/Models/Consumable.php
# app/Presenters/AccessoryPresenter.php
# app/Presenters/ComponentPresenter.php
# app/Presenters/ConsumablePresenter.php
# app/Providers/AuthServiceProvider.php
# composer.json
# composer.lock
# config/app.php
# config/cors.php
# config/version.php
# package-lock.json
# public/js/build/app.js
# public/js/build/app.js.LICENSE.txt
# public/js/dist/all.js
# public/mix-manifest.json
# resources/views/accessories/view.blade.php
# resources/views/consumables/view.blade.php
# resources/views/settings/saml.blade.php
# routes/api.php
2022-03-03 21:59:38 -08:00
snipe
50f55b4308
Fixes broken API throttling
...
Signed-off-by: snipe <snipe@snipe.net>
2022-02-24 13:10:10 -08:00
Brady Wetherington
15abc84ab0
Migrate to Fruitcake/laravel-cors which has path-exclusion built-in
2022-02-23 11:06:19 -08:00
Brady Wetherington
294606fb0b
Move new CORS library to global middleware, the only place it works
2022-02-22 19:07:23 -08:00
Brady Wetherington
64f83f9a5f
Move HandleCors middleware to be universal
2022-02-22 17:43:40 -08:00
snipe
aa8f1378c9
Merge remote-tracking branch 'origin/master' into develop
...
Signed-off-by: snipe <snipe@snipe.net>
# Conflicts:
# README.md
# app/Http/Controllers/Accessories/AccessoriesController.php
# app/Http/Controllers/Api/AssetMaintenancesController.php
# app/Http/Controllers/Api/AssetModelsController.php
# app/Http/Controllers/Api/AssetsController.php
# app/Http/Controllers/Api/UsersController.php
# app/Http/Controllers/AssetMaintenancesController.php
# app/Http/Controllers/Assets/AssetFilesController.php
# app/Http/Controllers/Assets/AssetsController.php
# app/Http/Controllers/Assets/BulkAssetsController.php
# app/Http/Controllers/Components/ComponentsController.php
# app/Http/Controllers/Consumables/ConsumablesController.php
# app/Http/Controllers/Licenses/LicenseFilesController.php
# app/Http/Controllers/Licenses/LicensesController.php
# app/Http/Controllers/Users/UserFilesController.php
# app/Http/Transformers/AssetsTransformer.php
# app/Http/Transformers/LicensesTransformer.php
# app/Importer/UserImporter.php
# app/Models/Asset.php
# config/app.php
# config/version.php
# package-lock.json
# public/js/build/app.js
# public/js/dist/all.js
# public/js/dist/bootstrap-table.js
# public/mix-manifest.json
# resources/lang/en/admin/users/message.php
# resources/lang/is/button.php
# resources/lang/ja/admin/kits/general.php
# resources/lang/ro/admin/users/general.php
# resources/lang/zh-HK/admin/depreciations/general.php
# resources/lang/zh-HK/admin/models/general.php
# resources/views/hardware/qr-view.blade.php
# resources/views/hardware/view.blade.php
# resources/views/partials/bootstrap-table.blade.php
# resources/views/users/view.blade.php
# routes/web.php
# routes/web/hardware.php
# routes/web/models.php
# routes/web/users.php
2021-10-20 17:26:41 -07:00
snipe
9b48732cd2
Force revalidation headers when user logs out
...
Signed-off-by: snipe <snipe@snipe.net>
2021-10-04 12:52:48 -07:00
snipe
c407b52bbf
Updated Cors
...
Signed-off-by: snipe <snipe@snipe.net>
2021-06-12 00:23:30 -07:00
Laravel Shift
4ed3d6afb8
Shift HTTP kernel and middleware
2021-06-10 20:17:04 +00:00
Vincent Lainé
d6ead5ae17
Added #8931 : add health controller without session ( #8978 )
...
* Added health controller
* Trying to move session middleware to web and api group to have health controller without session
* Fix health route store the session
Co-authored-by: Vincent Lainé <v.laine@dental-monitoring.com>
2021-01-26 12:10:54 -08:00
snipe
b2660002b9
Fixed #8781 - added asset count by status type ( #8806 )
2020-11-24 12:15:07 -08:00
snipe
36c8f7f4f1
Additional security headers
2020-06-22 22:31:01 -07:00
snipe
3dc2cc9f22
CORS for api ( #7292 )
...
* Added CORS support to API
* Changed order so CORS will still work if throttle hit
* Added APP_CORS_ALLOWED_ORIGINS env option
* Fixed typo
* Clarified header comments
* More clarification
* DIsable CORS allowed origins by default to replicate existing behavior
* Change variable name to be clearer
2019-07-26 12:38:31 -07:00
snipe
d2bbc09892
Increased throttle to 120 requests per minute
2019-05-31 11:57:57 -07:00
snipe
90cddb7aee
Fixed #6113 - use $asset->fill vs filled() to allow blanking values via API ( #6693 )
...
Need to confirm that re-enabling `\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,` won’t mangle anything. I know we ran into some issues when testing a long time ago, but not sure those issues apply anymore, and I can’t remember what they were.
2019-02-12 22:08:38 -08:00
snipe
4099c06b27
fix middleware priority: handle trusted proxies prior setup check
...
From @plexorama
2018-07-05 15:36:59 -07:00
snipe
ff38cdd09b
Comment out the nullable middleware until we have a chance to check all model validators
2017-10-02 16:36:43 -07:00
snipe
46d87849f4
Added content security middleware
2017-09-28 19:45:15 -07:00
snipe
26a7701cda
Added referrer-policy header
2017-09-28 17:12:58 -07:00
snipe
0ab9bc1db8
Added normalization midddleware, removed
2017-09-27 15:18:05 -07:00
snipe
9e4a391b8b
Updated auth:api in kernel
2017-01-11 14:54:11 -08:00
Daniel Meltzer
cd8c585377
Discussion: Moving to policies for controller based authorization ( #3080 )
...
* Make delete routes work. We put a little form in the modal that spoofs the delete field.
* Fix route on creating a user.
* Fix redundant id parameter.
* Port acceptance tests to new urls.
* Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future.
* This needs to stay for the dashboard checks.
* Add user states for permissions to build tests.
* Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider
* Migrate various locations to new syntax. Update test to be more specific
* Fix functional tests.
Add an artisan command for installing a settings setup on travis-ci
* Try a different id... Need to come up with a better way of passing the id for tests that need an existing one.
* Try to fix travis
* Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.:
* Add a environment for travis functional tests.
* Adjust config file to make travis use it.
* Use redirect()->route instead of redirect()-to
* Dump all failures in the output directory if travis fails.
* Cleanups and minor fixes.
* Adjust the supplier modelfactory to comply with new validation restrictions.
* Some test fixes.
* Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation
* Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
snipe
4f2439ae1c
Add Passport API token generator
2016-12-14 10:53:01 -08:00
snipe
8e5977ad84
Updated maintenance views
2016-12-14 07:56:01 -08:00
snipe
f0dd4c5a97
Remove middleware for checking for maintenance
...
This is (mostly) a built-in feature in Laravel 5.3
2016-12-14 04:31:19 -08:00
snipe
2603488bd6
Removed settings middlware
...
(Already handled via AppServiceProvider)
2016-11-29 01:19:52 -08:00
snipe
ba23952852
Add red banner if app is in production mode and debugging is turned on
2016-11-29 00:08:20 -08:00
snipe
4c08331c9d
Get settings in middleware, makr available in views
2016-11-28 22:53:16 -08:00
snipe
cea255995c
Fixes #106 - adds Google Authenticator support ( #2842 )
...
* refactor to clean up LDAP login, and make the login method easier to handle.
* Login refactor cleanup
* Google 2FA package
* Adds Google Authenticator two-factor
* Removed unused blade
* Added optin setting in profile
* Removed dumb comments
* Made lock_passwords check more consistent
* Additional two factor strings
* Lock passwords check
* Display feature disabled text if in demo mode
* Two factor admin reset options
* Translation strings
2016-10-29 05:50:55 -07:00
snipe
4c787891e4
Use custom maintenance middleware
2016-08-11 19:22:26 -07:00
Nikolai Prokoschenko
8d03668d78
Fix reverse proxy support
...
Reintroducing trusted proxies via fideloper/proxy:
* Upgraded fideloper/proxy to 3.1
* Added fideloper/proxy to Http/Kernel.php
* Added fideloper/proxy to config/app.php
* Added environment variable APP_TRUSTED_PROXIES to env (with '*' being the default fallback)
2016-06-16 15:43:42 +02:00
snipe
415b60a293
Added check for setup in Setting model
2016-05-14 16:09:00 -07:00
snipe
fe00b0e401
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00