snipe-it

mirror of https://github.com/snipe/snipe-it.git synced 2024-11-09 23:24:06 -08:00

Author	SHA1	Message	Date
setpill	1d7853cbfe	fixed #15374 : load TrustProxies middleware in Kernel.php	2024-08-22 23:41:27 +02:00
snipe	74136761df	Added TrimStrings middleware Signed-off-by: snipe <snipe@snipe.net>	2024-08-20 11:45:13 +01:00
snipe	856c57cb12	Corrected some translations Signed-off-by: snipe <snipe@snipe.net>	2024-08-16 12:39:59 +01:00
snipe	345a4306e8	Added SubstituteBindings Signed-off-by: snipe <snipe@snipe.net>	2024-07-17 23:02:10 +01:00
Brady Wetherington	4654f7aa37	Porting Snipe-IT v7 to Laravel v10	2023-07-31 14:07:12 +01:00
Brady Wetherington	645bba96cd	WIP: First stabs at getting Laravel Vite to work; no luck so far :( Probably going to back out all the 'vite' stuff anyways :/	2023-02-21 19:35:37 -08:00
snipe	6fde72a693	Log user out of other devices when they change their password Signed-off-by: snipe <snipe@snipe.net>	2022-08-25 12:24:26 -07:00
snipe	9aac1cbba4	Merge branch 'master' into rcs/merge_master_into_develop_for_rc_8 Signed-off-by: snipe <snipe@snipe.net> # Conflicts: # README.md # app/Console/Commands/MoveUploadsToNewDisk.php # app/Http/Controllers/ActionlogController.php # app/Http/Controllers/Api/LicensesController.php # app/Http/Controllers/Api/StatuslabelsController.php # app/Http/Controllers/Assets/AssetCheckinController.php # app/Http/Controllers/Licenses/LicensesController.php # app/Http/Controllers/Users/BulkUsersController.php # app/Http/Requests/AssetCheckoutRequest.php # app/Importer/LicenseImporter.php # app/Models/Actionlog.php # app/Models/License.php # app/Models/User.php # app/Observers/AssetObserver.php # composer.lock # config/version.php # database/factories/LicenseFactory.php # database/migrations/2015_09_21_235926_create_custom_field_custom_fieldset.php # database/migrations/2018_10_18_191228_add_kits_licenses_table.php # database/migrations/2018_10_19_153910_add_kits_table.php # database/migrations/2018_10_19_154013_add_kits_models_table.php # database/migrations/2019_02_07_185953_add_kits_consumables_table.php # database/migrations/2019_02_07_190030_add_kits_accessories_table.php # package-lock.json # package.json # public/css/dist/all.css # public/css/dist/bootstrap-table.css # public/js/dist/bootstrap-table.js # public/mix-manifest.json # resources/lang/ar/general.php # resources/lang/ar/passwords.php # resources/lang/cs/general.php # resources/lang/cs/passwords.php # resources/lang/de/admin/custom_fields/general.php # resources/lang/de/admin/settings/general.php # resources/lang/de/admin/settings/message.php # resources/lang/fr/admin/custom_fields/general.php # resources/lang/fr/admin/hardware/general.php # resources/lang/fr/admin/locations/table.php # resources/lang/fr/admin/settings/message.php # resources/lang/hu/admin/custom_fields/general.php # resources/lang/hu/admin/settings/general.php # resources/lang/hu/general.php # resources/lang/it/admin/settings/general.php # resources/lang/nl/admin/custom_fields/general.php # resources/lang/nl/admin/settings/general.php # resources/lang/nl/general.php # resources/lang/pl/admin/custom_fields/general.php # resources/lang/sv-SE/passwords.php # resources/lang/tr/general.php # resources/views/hardware/view.blade.php # resources/views/partials/bootstrap-table.blade.php # resources/views/reports/activity.blade.php # resources/views/users/print.blade.php	2022-04-28 17:49:06 +01:00
snipe	bdabbbd4e9	Logout user when their activated status is switched to off Signed-off-by: snipe <snipe@snipe.net>	2022-03-29 13:44:53 +01:00
snipe	b876d0abb0	Merge remote-tracking branch 'origin/master' into develop Signed-off-by: snipe <snipe@snipe.net> # Conflicts: # .env.example # app/Http/Controllers/Auth/LoginController.php # app/Http/Kernel.php # app/Http/Transformers/ActionlogsTransformer.php # app/Importer/AssetImporter.php # app/Models/Accessory.php # app/Models/Consumable.php # app/Presenters/AccessoryPresenter.php # app/Presenters/ComponentPresenter.php # app/Presenters/ConsumablePresenter.php # app/Providers/AuthServiceProvider.php # composer.json # composer.lock # config/app.php # config/cors.php # config/version.php # package-lock.json # public/js/build/app.js # public/js/build/app.js.LICENSE.txt # public/js/dist/all.js # public/mix-manifest.json # resources/views/accessories/view.blade.php # resources/views/consumables/view.blade.php # resources/views/settings/saml.blade.php # routes/api.php	2022-03-03 21:59:38 -08:00
snipe	50f55b4308	Fixes broken API throttling Signed-off-by: snipe <snipe@snipe.net>	2022-02-24 13:10:10 -08:00
Brady Wetherington	15abc84ab0	Migrate to Fruitcake/laravel-cors which has path-exclusion built-in	2022-02-23 11:06:19 -08:00
Brady Wetherington	294606fb0b	Move new CORS library to global middleware, the only place it works	2022-02-22 19:07:23 -08:00
Brady Wetherington	64f83f9a5f	Move HandleCors middleware to be universal	2022-02-22 17:43:40 -08:00
snipe	aa8f1378c9	Merge remote-tracking branch 'origin/master' into develop Signed-off-by: snipe <snipe@snipe.net> # Conflicts: # README.md # app/Http/Controllers/Accessories/AccessoriesController.php # app/Http/Controllers/Api/AssetMaintenancesController.php # app/Http/Controllers/Api/AssetModelsController.php # app/Http/Controllers/Api/AssetsController.php # app/Http/Controllers/Api/UsersController.php # app/Http/Controllers/AssetMaintenancesController.php # app/Http/Controllers/Assets/AssetFilesController.php # app/Http/Controllers/Assets/AssetsController.php # app/Http/Controllers/Assets/BulkAssetsController.php # app/Http/Controllers/Components/ComponentsController.php # app/Http/Controllers/Consumables/ConsumablesController.php # app/Http/Controllers/Licenses/LicenseFilesController.php # app/Http/Controllers/Licenses/LicensesController.php # app/Http/Controllers/Users/UserFilesController.php # app/Http/Transformers/AssetsTransformer.php # app/Http/Transformers/LicensesTransformer.php # app/Importer/UserImporter.php # app/Models/Asset.php # config/app.php # config/version.php # package-lock.json # public/js/build/app.js # public/js/dist/all.js # public/js/dist/bootstrap-table.js # public/mix-manifest.json # resources/lang/en/admin/users/message.php # resources/lang/is/button.php # resources/lang/ja/admin/kits/general.php # resources/lang/ro/admin/users/general.php # resources/lang/zh-HK/admin/depreciations/general.php # resources/lang/zh-HK/admin/models/general.php # resources/views/hardware/qr-view.blade.php # resources/views/hardware/view.blade.php # resources/views/partials/bootstrap-table.blade.php # resources/views/users/view.blade.php # routes/web.php # routes/web/hardware.php # routes/web/models.php # routes/web/users.php	2021-10-20 17:26:41 -07:00
snipe	9b48732cd2	Force revalidation headers when user logs out Signed-off-by: snipe <snipe@snipe.net>	2021-10-04 12:52:48 -07:00
snipe	c407b52bbf	Updated Cors Signed-off-by: snipe <snipe@snipe.net>	2021-06-12 00:23:30 -07:00
Laravel Shift	4ed3d6afb8	Shift HTTP kernel and middleware	2021-06-10 20:17:04 +00:00
Vincent Lainé	d6ead5ae17	Added #8931 : add health controller without session (#8978 ) * Added health controller * Trying to move session middleware to web and api group to have health controller without session * Fix health route store the session Co-authored-by: Vincent Lainé <v.laine@dental-monitoring.com>	2021-01-26 12:10:54 -08:00
snipe	b2660002b9	Fixed #8781 - added asset count by status type (#8806 )	2020-11-24 12:15:07 -08:00
snipe	36c8f7f4f1	Additional security headers	2020-06-22 22:31:01 -07:00
snipe	3dc2cc9f22	CORS for api (#7292 ) * Added CORS support to API * Changed order so CORS will still work if throttle hit * Added APP_CORS_ALLOWED_ORIGINS env option * Fixed typo * Clarified header comments * More clarification * DIsable CORS allowed origins by default to replicate existing behavior * Change variable name to be clearer	2019-07-26 12:38:31 -07:00
snipe	d2bbc09892	Increased throttle to 120 requests per minute	2019-05-31 11:57:57 -07:00
snipe	90cddb7aee	Fixed #6113 - use $asset->fill vs filled() to allow blanking values via API (#6693 ) Need to confirm that re-enabling `\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,` won’t mangle anything. I know we ran into some issues when testing a long time ago, but not sure those issues apply anymore, and I can’t remember what they were.	2019-02-12 22:08:38 -08:00
snipe	4099c06b27	fix middleware priority: handle trusted proxies prior setup check From @plexorama	2018-07-05 15:36:59 -07:00
snipe	ff38cdd09b	Comment out the nullable middleware until we have a chance to check all model validators	2017-10-02 16:36:43 -07:00
snipe	46d87849f4	Added content security middleware	2017-09-28 19:45:15 -07:00
snipe	26a7701cda	Added referrer-policy header	2017-09-28 17:12:58 -07:00
snipe	0ab9bc1db8	Added normalization midddleware, removed	2017-09-27 15:18:05 -07:00
snipe	9e4a391b8b	Updated auth:api in kernel	2017-01-11 14:54:11 -08:00
Daniel Meltzer	cd8c585377	Discussion: Moving to policies for controller based authorization (#3080 ) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.	2016-12-19 11:04:28 -08:00
snipe	4f2439ae1c	Add Passport API token generator	2016-12-14 10:53:01 -08:00
snipe	8e5977ad84	Updated maintenance views	2016-12-14 07:56:01 -08:00
snipe	f0dd4c5a97	Remove middleware for checking for maintenance This is (mostly) a built-in feature in Laravel 5.3	2016-12-14 04:31:19 -08:00
snipe	2603488bd6	Removed settings middlware (Already handled via AppServiceProvider)	2016-11-29 01:19:52 -08:00
snipe	ba23952852	Add red banner if app is in production mode and debugging is turned on	2016-11-29 00:08:20 -08:00
snipe	4c08331c9d	Get settings in middleware, makr available in views	2016-11-28 22:53:16 -08:00
snipe	cea255995c	Fixes #106 - adds Google Authenticator support (#2842 ) * refactor to clean up LDAP login, and make the login method easier to handle. * Login refactor cleanup * Google 2FA package * Adds Google Authenticator two-factor * Removed unused blade * Added optin setting in profile * Removed dumb comments * Made lock_passwords check more consistent * Additional two factor strings * Lock passwords check * Display feature disabled text if in demo mode * Two factor admin reset options * Translation strings	2016-10-29 05:50:55 -07:00
snipe	4c787891e4	Use custom maintenance middleware	2016-08-11 19:22:26 -07:00
Nikolai Prokoschenko	8d03668d78	Fix reverse proxy support Reintroducing trusted proxies via fideloper/proxy: * Upgraded fideloper/proxy to 3.1 * Added fideloper/proxy to Http/Kernel.php * Added fideloper/proxy to config/app.php * Added environment variable APP_TRUSTED_PROXIES to env (with '*' being the default fallback)	2016-06-16 15:43:42 +02:00
snipe	415b60a293	Added check for setup in Setting model	2016-05-14 16:09:00 -07:00
snipe	fe00b0e401	Version 3 - hold onto your butts	2016-03-25 01:18:05 -07:00

42 commits