Commit graph

3280 commits

Author SHA1 Message Date
snipe 2906a89442 Make the 429 error less stupid
Signed-off-by: snipe <snipe@snipe.net>
2022-02-24 13:10:34 -08:00
snipe 50f55b4308 Fixes broken API throttling
Signed-off-by: snipe <snipe@snipe.net>
2022-02-24 13:10:10 -08:00
snipe a8028e7dd0
Merge pull request #10727 from uberbrady/master
Fix for negative CORS/SAML interaction
2022-02-23 11:17:17 -08:00
Brady Wetherington 15abc84ab0 Migrate to Fruitcake/laravel-cors which has path-exclusion built-in 2022-02-23 11:06:19 -08:00
snipe 42fcd29200 Fixed #10436 on master, applies #10449
Signed-off-by: snipe <snipe@snipe.net>
2022-02-22 21:06:54 -08:00
snipe dc2e6c2b06 Adds consumables endpoint to user API
Signed-off-by: snipe <snipe@snipe.net>
2022-02-22 20:44:34 -08:00
Brady Wetherington 294606fb0b Move new CORS library to global middleware, the only place it works 2022-02-22 19:07:23 -08:00
Brady Wetherington 64f83f9a5f Move HandleCors middleware to be universal 2022-02-22 17:43:40 -08:00
snipe 0a4a548f9c Added use statement
Signed-off-by: snipe <snipe@snipe.net>
2022-02-22 10:46:02 -08:00
snipe dd5f812d88 Merge remote-tracking branch 'origin/master' into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	.all-contributorsrc
#	README.md
#	app/Console/Commands/FixDoubleEscape.php
#	app/Console/Commands/LdapSync.php
#	app/Exceptions/Handler.php
#	app/Http/Controllers/Api/AssetMaintenancesController.php
#	app/Http/Controllers/Api/AssetModelsController.php
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/Api/CategoriesController.php
#	app/Http/Controllers/Api/CompaniesController.php
#	app/Http/Controllers/Api/DepartmentsController.php
#	app/Http/Controllers/Api/LicensesController.php
#	app/Http/Controllers/Api/LocationsController.php
#	app/Http/Controllers/Api/ManufacturersController.php
#	app/Http/Controllers/Api/SettingsController.php
#	app/Http/Controllers/Api/SuppliersController.php
#	app/Http/Controllers/AssetModelsController.php
#	app/Http/Controllers/Auth/LoginController.php
#	app/Http/Controllers/CustomFieldsController.php
#	app/Http/Controllers/SettingsController.php
#	app/Models/Loggable.php
#	app/Providers/AuthServiceProvider.php
#	config/version.php
#	database/migrations/2014_11_04_231416_update_group_field_for_reporting.php
#	database/migrations/2015_11_08_222305_add_ldap_fields_to_settings.php
#	package-lock.json
#	package.json
#	public/js/build/app.js
#	public/js/dist/all.js
#	public/mix-manifest.json
#	resources/assets/js/components/forms/asset-models/fieldset-default-values.vue
#	resources/views/hardware/view.blade.php
2022-02-20 13:29:12 -08:00
Ivan Nieto Vivanco 23a6907975 Some minor stylistic changes 2022-02-17 18:05:06 -06:00
Ivan Nieto Vivanco 5b2a5ff124 Put the 'remember_token' column as null in the users table 2022-02-17 18:03:00 -06:00
Ivan Nieto Vivanco 548b172744 Logout every connected user 2022-02-17 18:00:24 -06:00
Ivan Nieto Vivanco 263893b3c6 Search logged in user that made the restore, if they doesn't exist in the restored system, add it again 2022-02-17 17:42:06 -06:00
Ivan Nieto Vivanco 811ca51c4f Wipe database before restoration 2022-02-17 16:59:44 -06:00
snipe d1b45a83b8 Blergh, one more linebreak
Signed-off-by: snipe <snipe@snipe.net>
2022-02-17 14:51:06 -08:00
snipe 01a8701a8c Removed extra linebreaks
Signed-off-by: snipe <snipe@snipe.net>
2022-02-17 14:50:38 -08:00
snipe 67fe53e32a Removed debugging, added comments
Signed-off-by: snipe <snipe@snipe.net>
2022-02-17 14:50:07 -08:00
snipe 7f6b8cc43d Removed carbon, since we went with PHP's datetime instead
Signed-off-by: snipe <snipe@snipe.net>
2022-02-17 14:48:12 -08:00
snipe 5fe999eb02 Shored up the date math, updated the explanation
Signed-off-by: snipe <snipe@snipe.net>
2022-02-17 14:34:33 -08:00
snipe ea429d650e Initial audit date fix
Signed-off-by: snipe <snipe@snipe.net>
2022-02-16 20:19:38 -08:00
snipe 824eedf7c2 Added UI elements for is_unique
Signed-off-by: snipe <snipe@snipe.net>
2022-02-16 13:47:48 -08:00
snipe a4a0aa5124 Removed debugging line
Signed-off-by: snipe <snipe@snipe.net>
2022-02-16 13:47:22 -08:00
snipe 6a91d4d19e Check for uniqueness constraint
Signed-off-by: snipe <snipe@snipe.net>
2022-02-16 13:46:22 -08:00
snipe ea8f9a6dd9 Make is_unique fillable
Signed-off-by: snipe <snipe@snipe.net>
2022-02-16 13:45:44 -08:00
snipe b78f32e876
Merge pull request #10655 from inietov/fixes/trying_to_get_property_checkin_email_of_non-object_develop
Fixes ErrorException: Trying to get property 'checkin_email' of non-object for develop[sc-17568]
2022-02-16 11:19:14 -07:00
snipe 592f66bd0c
Merge pull request #10670 from Godmartinz/gh10639/linear-depreciation-calculation
Fixed #10639 - incorrect linear depreciation calculation
2022-02-16 11:18:27 -07:00
snipe 4f89dfee49
Merge pull request #10679 from snipe/fixes/timing_attack_mitigation_for_forgot_password
Added usleep random to forgotten password method to mitigate timing attacks
2022-02-16 11:17:00 -07:00
snipe 017534bc07 Added deleted_at to license transformer
Signed-off-by: snipe <snipe@snipe.net>
2022-02-16 09:33:28 -08:00
snipe 5540069cce Be more specific with deleted license point
Require this value to be "true" speciically to get the deleted list

Signed-off-by: snipe <snipe@snipe.net>
2022-02-16 09:14:04 -08:00
snipe 1ad56760ce Adds delete endpoint for licenses
Signed-off-by: snipe <snipe@snipe.net>
2022-02-16 09:08:50 -08:00
Brady Wetherington 290baf1c8d refactor and clean up attribute-changing logic for assets 2022-02-15 18:29:45 -08:00
snipe f878e0ad66 Fixes 2FA cookie -> user issue
Signed-off-by: snipe <snipe@snipe.net>
2022-02-15 18:29:23 -08:00
snipe 178e440951 Added usleep :(
Signed-off-by: snipe <snipe@snipe.net>
2022-02-15 18:09:58 -08:00
snipe cab4fa1687 Fixes some conceptual gates
Signed-off-by: snipe <snipe@snipe.net>
2022-02-14 15:42:23 -08:00
snipe 4804e5b3ab Added Asset edit/delete gates to maintenances
Signed-off-by: snipe <snipe@snipe.net>
2022-02-14 15:34:06 -08:00
Godfrey M 7b9a2ae909 added rounding 2022-02-14 09:34:42 -08:00
Godfrey M 6e204a20ca fixed current value formula 2022-02-14 09:28:35 -08:00
Godfrey M e6e68934f7 adds a months depreciated variable 2022-02-14 09:13:14 -08:00
Godfrey M cdc402fa04 WIP formula for linear Depreciation has been corrected. still one variable left to fix. 2022-02-14 09:01:42 -08:00
snipe 1c0a96b0ce Added gate to supplier
Signed-off-by: snipe <snipe@snipe.net>
2022-02-13 11:58:12 -07:00
snipe d77a47765e Adds gate to supplier
Signed-off-by: snipe <snipe@snipe.net>
2022-02-13 11:53:45 -07:00
snipe d6b8222371 Refactor to combine permissions
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 12:48:30 -08:00
snipe 2c5abaaea4 Fixed copypasta
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 12:32:09 -08:00
snipe c1a0653847 Restrict to update or create gate methods for select lists
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 12:31:11 -08:00
snipe 9226c8292d Fixed typos in comments
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 12:02:14 -08:00
snipe 5fafa81dc1 Forgot components
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 11:57:29 -08:00
snipe b30d1dce89 Removed selectlist
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 11:55:24 -08:00
snipe 2dad27eed6 Added additional gate for selectlists
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 11:46:14 -08:00
snipe f5ffda8053 Ahem.
Signed-off-by: snipe <snipe@snipe.net>
2022-02-10 22:43:51 -08:00
snipe ed931ef0cd
Merge pull request #10654 from inietov/fixes/trying_to_get_property_checkin_email_of_non-object
Fixes  ErrorException: Trying to get property 'checkin_email' of non-object [sc-17568]
2022-02-10 12:23:50 -08:00
Ivan Nieto Vivanco f36de6c670 Validates if model and model->category exist before return the checkin_email property 2022-02-10 13:53:49 -06:00
Ivan Nieto Vivanco bf4ee18123 Validates if model and model->category exist before return the checkin_email property 2022-02-10 11:58:55 -06:00
snipe 70af10ae6c
Merge pull request #10640 from JonathonReinhart/10552-add-checkin-api-date
Fix #10552: Add checkin_at parameter to /hardware/:id/checkin API
2022-02-10 09:54:20 -08:00
snipe b9a8d45c07 Better messaging
Signed-off-by: snipe <snipe@snipe.net>
2022-02-09 16:30:42 -08:00
snipe 7794c2f44b Check that the fieldset exists before trying to detach it from the fieldset
Signed-off-by: snipe <snipe@snipe.net>
2022-02-09 16:16:16 -08:00
snipe eedc14401a Switch to searching on semicolon instead of &
Signed-off-by: snipe <snipe@snipe.net>
2022-02-09 15:55:22 -08:00
snipe 4e14d70427 Added jobtitle to unescaper
Signed-off-by: snipe <snipe@snipe.net>
2022-02-09 15:50:44 -08:00
snipe 2a71690aaf Added license_name to unescaper
Signed-off-by: snipe <snipe@snipe.net>
2022-02-09 15:17:57 -08:00
snipe e4da00ca82 Catch potential validation errors on unescape tool
Signed-off-by: snipe <snipe@snipe.net>
2022-02-09 15:09:49 -08:00
snipe 4fd14e5859 Added slightly more output because wtf?
Signed-off-by: snipe <snipe@snipe.net>
2022-02-09 15:05:28 -08:00
snipe 441f1fbb64 Remove html_entities_decode restriction
Signed-off-by: snipe <snipe@snipe.net>
2022-02-09 14:56:36 -08:00
snipe d06e3dd892 Merge branch 'master' of https://github.com/snipe/snipe-it 2022-02-09 14:40:33 -08:00
snipe 6b25b53462
Merge pull request #10628 from inietov/fixes/default_values_dont_allow_checkbox_radio
Fixes #10299 Default Values do not allow Checkbox/Radio Buttons
2022-02-09 14:39:46 -08:00
Ivan Nieto Vivanco 6d79c9f3e2 Save the default values for custom fields with same format than Assets do for actual values 2022-02-09 13:41:33 -06:00
Ivan Nieto Vivanco a36957dd77 Finish the implementation of custom fields default values for checkboxes 2022-02-09 13:12:42 -06:00
Ivan Nieto Vivanco 2f3499e4b9 Show checkboxes a little less assy, actually save the data checked by them 2022-02-09 10:49:10 -06:00
Jonathon Reinhart 3536d08477 Add checkin_at parameter to /hardware/:id/checkin API
Fixes #10552
2022-02-08 20:23:09 -05:00
Brady Wetherington c300e7c7f6 Remove extraneous backslash 2022-02-08 12:23:15 -08:00
Brady Wetherington fb890fbc30 Properly alert when invalid JSON is submitted to something that wants JSON 2022-02-08 12:22:59 -08:00
Brady Wetherington 9a66f6a254 Remove extraneous backslash 2022-02-08 12:09:40 -08:00
Brady Wetherington 5e94726ec1 Properly alert when invalid JSON is submitted to something that wants JSON 2022-02-08 12:05:05 -08:00
Ivan Nieto Vivanco 413e44be2f Add custom date to checkin actionlogs and show it in the history of the asset tab 2022-02-08 11:58:23 -06:00
Ivan Nieto Vivanco d71aa859fc Add custom date to checkin actionlogs and show it in the history of the asset tab 2022-02-08 11:43:24 -06:00
Jonathon Reinhart cd963179fd Fix /hardware/{id}/checkin API response on error
Fixes #10629
2022-02-08 01:08:42 -05:00
snipe 474f24e40e Merge branch 'master' of https://github.com/snipe/snipe-it 2022-02-07 18:27:59 -08:00
snipe b3a0f86431 Temp fix for weird JSON format in history
Signed-off-by: snipe <snipe@snipe.net>
2022-02-07 18:27:55 -08:00
Brady Wetherington a15c0adc79 Fix "secure hostnames" feature for subdirectory-based Snipe-IT installs 2022-02-07 11:33:38 -08:00
Brady Wetherington f1d4087317 Fix "secure hostnames" feature for subdirectory-based Snipe-IT installs 2022-02-07 11:26:54 -08:00
Brady Wetherington 36ae6f9430 Yanked debugging code, tightened up comments. 2022-02-03 19:41:16 -08:00
Brady Wetherington 1945b97b72 Just trying to really tighten up on the LDAP Active Flag and how we parse it. 2022-02-03 19:04:56 -08:00
Brady Wetherington 392e61688d Rework the LDAP sync command to better handle the active flag 2022-02-03 15:01:45 -08:00
snipe ac5c6123bc Fixes #10563 - LDAP active flag - hopefully?
Signed-off-by: snipe <snipe@snipe.net>
2022-02-02 18:07:34 -08:00
Ivan Nieto Vivanco eac8e0bdba Add a casting to a truthy/falsy that needs to be integer 2022-02-02 13:54:57 -06:00
snipe ce154a2382
Merge pull request #10455 from adagioajanes/features/quickscan_checkin
Added #10454: Quick Scan Checkin
2022-02-01 20:19:45 -08:00
snipe 06a5ea1530 Fixed duplicate use statement
Signed-off-by: snipe <snipe@snipe.net>
2022-02-01 18:57:45 -08:00
snipe 5fded57ec6 Merge remote-tracking branch 'origin/master' into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	README.md
#	app/Console/Commands/LdapSync.php
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/ProfileController.php
#	app/Importer/ItemImporter.php
#	app/Importer/UserImporter.php
#	app/Models/Asset.php
#	app/Models/License.php
#	app/Providers/AppServiceProvider.php
#	app/Services/LdapAd.php
#	config/version.php
#	public/js/build/app.js
#	public/js/dist/all.js
#	public/mix-manifest.json
#	resources/lang/ar/button.php
#	resources/lang/de/admin/companies/general.php
#	resources/lang/de/admin/custom_fields/general.php
#	resources/lang/de/admin/groups/titles.php
#	resources/lang/de/admin/hardware/form.php
#	resources/lang/de/admin/hardware/general.php
#	resources/lang/de/admin/hardware/message.php
#	resources/lang/de/admin/hardware/table.php
#	resources/lang/de/admin/kits/general.php
#	resources/lang/de/admin/locations/table.php
#	resources/lang/de/admin/reports/general.php
#	resources/lang/de/admin/settings/general.php
#	resources/lang/de/admin/settings/message.php
#	resources/lang/de/admin/users/general.php
#	resources/lang/de/general.php
#	resources/lang/de/mail.php
#	resources/lang/en/admin/asset_maintenances/message.php
#	resources/lang/en/admin/asset_maintenances/table.php
#	resources/lang/en/admin/companies/general.php
#	resources/lang/en/admin/companies/message.php
#	resources/lang/en/admin/custom_fields/general.php
#	resources/lang/en/admin/depreciations/general.php
#	resources/lang/en/admin/groups/titles.php
#	resources/lang/en/admin/hardware/form.php
#	resources/lang/en/admin/hardware/general.php
#	resources/lang/en/admin/hardware/table.php
#	resources/lang/en/admin/kits/general.php
#	resources/lang/en/admin/locations/table.php
#	resources/lang/en/admin/reports/general.php
#	resources/lang/en/admin/settings/general.php
#	resources/lang/en/admin/settings/message.php
#	resources/lang/en/admin/users/general.php
#	resources/lang/en/button.php
#	resources/lang/en/general.php
#	resources/lang/en/help.php
#	resources/lang/en/mail.php
#	resources/lang/en/passwords.php
#	resources/lang/hu/admin/hardware/general.php
#	resources/lang/hu/admin/hardware/table.php
#	resources/lang/hu/admin/locations/table.php
#	resources/lang/is/admin/locations/table.php
#	resources/lang/ko/admin/custom_fields/general.php
#	resources/lang/ko/general.php
#	resources/lang/nl/admin/hardware/general.php
#	resources/lang/nl/admin/hardware/message.php
#	resources/lang/nl/admin/hardware/table.php
#	resources/lang/nl/admin/locations/table.php
#	resources/lang/nl/admin/statuslabels/message.php
#	resources/lang/nl/admin/users/general.php
#	resources/lang/no/admin/companies/general.php
#	resources/lang/no/admin/custom_fields/general.php
#	resources/lang/no/admin/depreciations/general.php
#	resources/lang/no/admin/depreciations/table.php
#	resources/lang/no/admin/groups/titles.php
#	resources/lang/no/admin/hardware/form.php
#	resources/lang/no/admin/hardware/general.php
#	resources/lang/no/admin/hardware/table.php
#	resources/lang/no/admin/kits/general.php
#	resources/lang/no/admin/locations/table.php
#	resources/lang/no/admin/reports/general.php
#	resources/lang/no/admin/settings/general.php
#	resources/lang/no/admin/settings/message.php
#	resources/lang/no/admin/statuslabels/message.php
#	resources/lang/no/admin/users/general.php
#	resources/lang/no/button.php
#	resources/lang/no/general.php
#	resources/lang/no/mail.php
#	resources/lang/no/validation.php
#	resources/lang/pl/admin/companies/general.php
#	resources/lang/pl/admin/custom_fields/general.php
#	resources/lang/pl/admin/depreciations/general.php
#	resources/lang/pl/admin/depreciations/table.php
#	resources/lang/pl/admin/groups/titles.php
#	resources/lang/pl/admin/hardware/form.php
#	resources/lang/pl/admin/hardware/general.php
#	resources/lang/pl/admin/hardware/table.php
#	resources/lang/pl/admin/kits/general.php
#	resources/lang/pl/admin/locations/table.php
#	resources/lang/pl/admin/reports/general.php
#	resources/lang/pl/admin/settings/general.php
#	resources/lang/pl/admin/settings/message.php
#	resources/lang/pl/admin/users/general.php
#	resources/lang/pl/button.php
#	resources/lang/pl/general.php
#	resources/lang/pt-PT/admin/companies/general.php
#	resources/lang/pt-PT/admin/custom_fields/general.php
#	resources/lang/pt-PT/admin/depreciations/general.php
#	resources/lang/pt-PT/admin/depreciations/table.php
#	resources/lang/pt-PT/admin/groups/titles.php
#	resources/lang/pt-PT/admin/hardware/form.php
#	resources/lang/pt-PT/admin/hardware/general.php
#	resources/lang/pt-PT/general.php
#	resources/lang/pt-PT/help.php
#	resources/lang/pt-PT/validation.php
#	resources/lang/ro/admin/companies/general.php
#	resources/lang/ro/admin/custom_fields/general.php
#	resources/lang/ro/admin/groups/titles.php
#	resources/lang/ro/admin/hardware/form.php
#	resources/lang/ro/admin/hardware/general.php
#	resources/lang/ro/admin/hardware/message.php
#	resources/lang/ro/admin/hardware/table.php
#	resources/lang/ro/admin/locations/table.php
#	resources/lang/ro/admin/settings/message.php
#	resources/lang/ru/admin/companies/general.php
#	resources/lang/ru/admin/custom_fields/general.php
#	resources/lang/ru/admin/settings/general.php
#	resources/lang/ru/button.php
#	resources/lang/ru/general.php
#	resources/lang/ru/validation.php
#	resources/lang/sk/admin/settings/general.php
#	resources/lang/sk/button.php
#	resources/lang/sk/general.php
#	resources/lang/tr/admin/hardware/form.php
#	resources/lang/tr/admin/hardware/table.php
#	resources/lang/tr/admin/kits/general.php
#	resources/lang/tr/admin/locations/table.php
#	resources/lang/tr/admin/reports/general.php
#	resources/lang/tr/admin/settings/general.php
#	resources/lang/tr/admin/settings/message.php
#	resources/lang/tr/admin/statuslabels/message.php
#	resources/lang/tr/admin/users/general.php
#	resources/lang/tr/button.php
#	resources/lang/tr/general.php
#	resources/lang/zh-CN/admin/companies/general.php
#	resources/lang/zh-CN/admin/custom_fields/general.php
#	resources/lang/zh-CN/admin/depreciations/general.php
#	resources/lang/zh-CN/admin/depreciations/table.php
#	resources/lang/zh-CN/admin/groups/titles.php
#	resources/lang/zh-CN/admin/hardware/form.php
#	resources/lang/zh-CN/admin/hardware/general.php
#	resources/lang/zh-CN/admin/hardware/message.php
#	resources/lang/zh-CN/admin/hardware/table.php
#	resources/lang/zh-CN/admin/kits/general.php
#	resources/lang/zh-CN/admin/locations/table.php
#	resources/lang/zh-CN/admin/reports/general.php
#	resources/lang/zh-CN/admin/settings/general.php
#	resources/lang/zh-CN/admin/settings/message.php
#	resources/lang/zh-CN/admin/statuslabels/message.php
#	resources/lang/zh-CN/admin/users/general.php
#	resources/lang/zh-CN/button.php
#	resources/lang/zh-CN/general.php
#	resources/lang/zh-CN/mail.php
#	resources/views/depreciations/edit.blade.php
2022-02-01 18:53:05 -08:00
snipe 669826f6b2
Merge pull request #10574 from uberbrady/fix_force_root_url_v6
Add some guardrails around very-badly formatted APP_URL settings
2022-02-01 16:14:48 -08:00
snipe 8083ba8dca
Merge pull request #10590 from inietov/fixes/bulkedit_does_not_show_in_history_develop
Fixes Bulk edit doesn't show in Asset's history nor Activity report for develop [sc-16550]
2022-02-01 16:14:25 -08:00
Ivan Nieto Vivanco 3ef775533a Adds actionlog for bulk edits 2022-02-01 12:10:46 -06:00
Ivan Nieto Vivanco 2fec40d7df Adds actionlog for bulk edits 2022-02-01 00:00:12 -06:00
Brady Wetherington 72e9360228 Merge remote-tracking branch 'upstream/develop' into develop 2022-01-31 10:13:30 -08:00
snipe aa3aa78204 Adds Lookup Asset by Custom Field via API [sc-18632]
Signed-off-by: snipe <snipe@snipe.net>
2022-01-28 09:08:48 -08:00
snipe db0a078c0b
Merge pull request #10573 from uberbrady/fix_force_root_url
Add some guardrails around very-badly formatted APP_URL settings
2022-01-27 11:29:29 -08:00
Brady Wetherington 44719e3dcc Fix whitespace issues 2022-01-27 11:29:20 -08:00
Brady Wetherington 1cf1278b3b Fix whitespace issues 2022-01-27 11:28:51 -08:00
Brady Wetherington 476075235a Add some guardrails around very-badly formatted APP_URL settings 2022-01-27 11:24:21 -08:00
Brady Wetherington 70648dedd3 Add some guardrails around very-badly formatted APP_URL settings 2022-01-27 11:21:46 -08:00
snipe a65fb63b6b
Merge pull request #10511 from inietov/features/audit_date_in_importer
Adds audit dates in the asset importer
2022-01-27 10:58:53 -08:00
snipe 9634dde0dd
Merge pull request #10567 from inietov/fixes/importing_and_checking_out_licenses_master
Fixes Importing licenses without product key duplicates the license
2022-01-27 10:58:06 -08:00
snipe c70ae19c28
Merge pull request #10529 from uberbrady/fix_insecure_host_headers
Force UrlGenerator's Root URL to be the base of APP_URL unless overriden (v5)
2022-01-26 16:59:55 -08:00
snipe b153138d1e
Merge pull request #10534 from inietov/feature/add_remaining_address_field_to_user_import_develop
Add Zip field in the User Importer for develop [sc-18556]
2022-01-26 16:58:37 -08:00
Ivan Nieto Vivanco 55fdc86e02 Tweak query in the License Importer to not require a Product Key 2022-01-26 17:51:04 -06:00
Ivan Nieto Vivanco 450cb8f92f Tweak query in the License Importer to not require a Product Key 2022-01-26 17:49:34 -06:00
Brady Wetherington 48f1380f6e
Merge pull request #10528 from uberbrady/fix_insecure_host_headers_v6
Force UrlGenerator's Root URL to be the base of APP_URL unless overriden
2022-01-24 18:26:30 -08:00
Ivan Nieto Vivanco 7383ec7f1e Add an early return if the model id is not set (for new Asset Models) 2022-01-21 11:45:45 -06:00
Ivan Nieto Vivanco c86ed892ab Add Zip field in the User Importer 2022-01-19 13:52:15 -06:00
Ivan Nieto Vivanco 1fc71a4111 Add Zip field in the User Importer 2022-01-19 13:35:54 -06:00
Brady Wetherington 0c4768fd2a Force UrlGenerator's Root URL to be the base of APP_URL unless overriden
(For v5)
2022-01-18 15:52:59 -08:00
Brady Wetherington 455bc736be Force UrlGenerator's Root URL to be the base of APP_URL unless overriden 2022-01-18 15:31:30 -08:00
Ivan Nieto Vivanco a05795420a Respect the default value of 60 days in expiring licenses 2022-01-18 14:34:14 -06:00
Ivan Nieto Vivanco 42d86bf57b Adds default values if the expiring alerts threshold is null 2022-01-18 14:21:49 -06:00
Ivan Nieto Vivanco f510b9c2a9 Add query to filter non-deprecable assets when the Depreciation Report is called 2022-01-15 14:21:31 -06:00
Ivan Nieto Vivanco 8334ed6f7e Add query to filter non-deprecable assets when the Depreciation Report is called 2022-01-15 14:01:19 -06:00
Ivan Nieto Vivanco 153c30eda8 Add to Importer the capacity to search Models only with Model Name since Model Number is not required 2022-01-15 04:32:47 -06:00
Ivan Nieto Vivanco 58b1db29e2 Adds condition to only update the Asset's Model Number if is provided by import file 2022-01-15 04:15:38 -06:00
Ivan Nieto Vivanco 8bd280b416 Add to Importer the capacity to search Models only with Model Name since Model Number is not required 2022-01-15 04:12:30 -06:00
Brady Wetherington ef463a37d8 Make 'pending' assets properly requestable; use requestable scope 2022-01-14 12:48:33 -08:00
snipe 207ff014b1
Merge pull request #10514 from uberbrady/fix_double_wildcard_query_requestable
Fixed extraneous wildcard query in requestable asset search
2022-01-13 19:39:08 -08:00
Brady Wetherington 65e584c2bd Revert the unnecessary optimization for asset->count() 2022-01-13 19:37:08 -08:00
snipe 24a234ede3
Merge pull request #10503 from uberbrady/develop_fix_dont_req_preauth_uac
Permit DONT_REQ_PREAUTH AD users to log in
2022-01-13 17:01:59 -08:00
snipe be7e6ed847
Merge pull request #10502 from uberbrady/ldap_useraccountcontrol_dont_req_preauth
Add new UserAccountControl to permitted UAC's for AD.
2022-01-13 17:01:47 -08:00
Brady Wetherington 4e8ae8a162 Fix extraneous wildcard query in requestable asset search 2022-01-13 16:32:40 -08:00
Ivan Nieto Vivanco 949fe2a14a Adds last_audit_date and next_audit_date in the asset importer 2022-01-13 15:14:20 -06:00
snipe 984db1ef44 Apply personal API token fix to master
Signed-off-by: snipe <snipe@snipe.net>
2022-01-13 01:39:56 -08:00
snipe 512dbfee7a Added gate to check that the user is allowed to view API keys
Signed-off-by: snipe <snipe@snipe.net>
2022-01-13 01:33:27 -08:00
snipe eb8f23a888 Removed commented code
Signed-off-by: snipe <snipe@snipe.net>
2022-01-13 01:32:28 -08:00
snipe 8f4ec95fbb Remove assets query, since we handle that via API call now and just need the count()
Signed-off-by: snipe <snipe@snipe.net>
2022-01-12 23:23:00 -08:00
snipe 224d0b2fd2 Small language file additions
Signed-off-by: snipe <snipe@snipe.net>
2022-01-12 22:21:00 -08:00
snipe 43c57c8461 Merge master into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	.all-contributorsrc
#	README.md
#	app/Http/Controllers/BulkAssetModelsController.php
#	app/Http/Controllers/CustomFieldsController.php
#	app/Http/Controllers/CustomFieldsetsController.php
#	app/Http/Controllers/ModalController.php
#	app/Http/Transformers/GroupsTransformer.php
#	config/version.php
#	package-lock.json
#	public/css/build/app.css
#	public/css/build/overrides.css
#	public/css/dist/all.css
#	public/css/dist/bootstrap-table.css
#	public/js/build/app.js
#	public/js/dist/all.js
#	public/js/dist/bootstrap-table.js
#	public/mix-manifest.json
#	resources/assets/less/overrides.less
#	resources/lang/en/admin/hardware/message.php
#	resources/lang/en/admin/settings/general.php
#	resources/views/partials/bootstrap-table.blade.php
#	routes/web.php
2022-01-12 20:51:33 -08:00
Brady Wetherington a063806bcc Permit DONT_REQ_PREAUTH AD users to log in 2022-01-12 12:50:39 -08:00
Brady Wetherington c8fe929e09 Add new UserAccountControl to permitted UAC's for AD. 2022-01-12 12:07:51 -08:00
Alex Janes d2bb3e6377
Merge branch 'develop' into features/quickscan_checkin 2022-01-11 16:40:20 -05:00
Alex Janes edef640d35
Merge branch 'develop' into features/lock_logins_to_saml 2022-01-11 09:05:14 -05:00
snipe ea83567e7d
Merge pull request #10494 from exula/fix/increase_max_licenses
Fixed #7824
2022-01-10 15:04:47 -08:00
snipe d9624b59b4
Merge pull request #10264 from nuraeil/added-localized-strings
Added #10242: Improved localized strings
2022-01-10 14:48:52 -08:00
Brad 6b6a83a525 Removing something stupid PHPStorm put in the use area 2022-01-10 14:21:19 -05:00
Brad 81084fa717 Fixed #7824
Previously there was a 999 max seats on Licenses as anything above that seemed to cause slowdowns and failure.

This commit allievates those pain points

- removed freeSeats as a hydrated Eloquent model on JSON requests for the licenses index
- removed 'licenseSeats.user', 'licenseSeats.asset' from the 'with' clause as it's not needed in the view (Datatabales takes care of that)
- removed the 999 max seats limit from the License Model,
- reworked how new license seats are created when increasing seats or creating licenses
- Added an index the license_seats table to help speed up lookups
2022-01-10 14:03:28 -05:00
Wächtler, Yannick 04d649122b Fixed duplication for a couple of items, removed TODO markers, added lots of translation strings where there was a TODO 2022-01-06 12:35:37 +01:00
Haxatron bb095641c2
Update BulkAssetModelsController.php
https://huntr.dev/bounties/efdf2ead-f9d1-4767-9f02-d11f762d15e7
2022-01-06 09:50:11 +08:00
snipe 884b6b0270 Fixes format property on invalid custom field object
Signed-off-by: snipe <snipe@snipe.net>
2022-01-03 19:14:50 -08:00
Brady Wetherington 95c30cae8d Some duplicate imports at the top of the Settings file 2022-01-03 13:53:53 -08:00
Brady Wetherington 3c7f2e89ec Merge branch 'develop' into remove_old_ldap
Had to re-do the composer install because the conflicts were too complicated.
2022-01-03 12:56:58 -08:00
snipe 2ee84c2675 Added a few more comments
Signed-off-by: snipe <snipe@snipe.net>
2021-12-30 18:33:28 -08:00
snipe c6ce928567 Added allow list to modal view options
Signed-off-by: snipe <snipe@snipe.net>
2021-12-30 18:16:49 -08:00
snipe b4fac3e4ae Fixed missing index for fieldsets
Signed-off-by: snipe <snipe@snipe.net>
2021-12-30 13:16:44 -08:00
snipe bad6b862ca assets_count doesnt exist as a column
Signed-off-by: snipe <snipe@snipe.net>
2021-12-30 12:59:16 -08:00
snipe 359b22e17a Applies #10470 to develop
Signed-off-by: snipe <snipe@snipe.net>
2021-12-27 13:22:47 -08:00
snipe 8588e9ebf1 Fixed #10469 - increased size of supplier address field
Signed-off-by: snipe <snipe@snipe.net>
2021-12-27 12:28:02 -08:00
Alex Janes d0bfd8dfd2 Fixed the collection of the groups total to GroupsTransformer.php. Groups page should now paginate correctly. 2021-12-23 20:54:34 -05:00
Alex Janes 7acb559069 corrected issue with asset not found errors 2021-12-20 19:55:00 -05:00
Alex Janes 2b5aca183c removed unnecessary additional data call from api method 2021-12-19 19:21:58 -05:00
Alex Janes 14b21a6e95 removed some whitespace 2021-12-19 19:17:32 -05:00
Alex Janes 08cb8c354b more cleanup to fit formatting convention 2021-12-19 19:11:24 -05:00
Alex Janes 29da4f4325 Removed a bunch of redundant code I created from the API 2021-12-19 18:39:57 -05:00
Alex Janes bc4fe88ac0 First version of bulk checkin 2021-12-19 16:53:31 -05:00
Alex Janes a68ec8bb57
Update LoginController.php
Updated if statements to match convention exactly.
2021-12-17 18:52:42 -05:00
Alex Janes 74de91c31a
Merge pull request #1 from snipe/develop
Develop
2021-12-17 14:51:03 -05:00
snipe 9b2dd6522f Switch GET to POST for asset request
Signed-off-by: snipe <snipe@snipe.net>
2021-12-16 20:36:08 -08:00
Alex Janes d99db5c63b bug fix and formatting fix 2021-12-16 19:04:37 -05:00
snipe 398180dc59 Small merge unmagling
Signed-off-by: snipe <snipe@snipe.net>
2021-12-16 14:38:04 -08:00
snipe c3d55ee27e Merge master down into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	.all-contributorsrc
#	README.md
#	app/Exceptions/Handler.php
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/Api/SettingsController.php
#	app/Http/Controllers/CustomFieldsController.php
#	app/Http/Controllers/SettingsController.php
#	app/Http/Transformers/AssetsTransformer.php
#	app/Models/Setting.php
#	config/version.php
#	resources/lang/af/button.php
#	resources/lang/ar/button.php
#	resources/lang/bg/button.php
#	resources/lang/cs/button.php
#	resources/lang/cy/button.php
#	resources/lang/da/button.php
#	resources/lang/de/button.php
#	resources/lang/el/button.php
#	resources/lang/en-GB/button.php
#	resources/lang/en-ID/button.php
#	resources/lang/es-CO/admin/groups/message.php
#	resources/lang/es-MX/button.php
#	resources/lang/et/admin/custom_fields/general.php
#	resources/lang/et/admin/hardware/table.php
#	resources/lang/et/admin/kits/general.php
#	resources/lang/et/admin/manufacturers/message.php
#	resources/lang/et/admin/models/general.php
#	resources/lang/et/admin/settings/general.php
#	resources/lang/et/button.php
#	resources/lang/et/mail.php
#	resources/lang/fa/button.php
#	resources/lang/fa/help.php
#	resources/lang/fi/button.php
#	resources/lang/fil/button.php
#	resources/lang/fr/button.php
#	resources/lang/ga-IE/button.php
#	resources/lang/he/button.php
#	resources/lang/hr/button.php
#	resources/lang/hu/admin/settings/general.php
#	resources/lang/hu/auth/message.php
#	resources/lang/hu/button.php
#	resources/lang/hu/mail.php
#	resources/lang/id/admin/hardware/table.php
#	resources/lang/id/button.php
#	resources/lang/it/button.php
#	resources/lang/iu/button.php
#	resources/lang/ja/button.php
#	resources/lang/ko/button.php
#	resources/lang/lt/button.php
#	resources/lang/lv/button.php
#	resources/lang/mi/button.php
#	resources/lang/mk/button.php
#	resources/lang/ml-IN/button.php
#	resources/lang/mn/button.php
#	resources/lang/ms/admin/hardware/table.php
#	resources/lang/ms/admin/kits/general.php
#	resources/lang/ms/admin/models/general.php
#	resources/lang/ms/admin/models/message.php
#	resources/lang/ms/admin/settings/general.php
#	resources/lang/ms/button.php
#	resources/lang/nl/button.php
#	resources/lang/no/admin/hardware/table.php
#	resources/lang/no/admin/kits/general.php
#	resources/lang/no/admin/settings/general.php
#	resources/lang/no/auth/message.php
#	resources/lang/no/button.php
#	resources/lang/no/help.php
#	resources/lang/no/mail.php
#	resources/lang/pl/button.php
#	resources/lang/pt-BR/button.php
#	resources/lang/pt-PT/auth/message.php
#	resources/lang/pt-PT/button.php
#	resources/lang/pt-PT/mail.php
#	resources/lang/ro/button.php
#	resources/lang/ru/admin/settings/general.php
#	resources/lang/ru/button.php
#	resources/lang/ru/help.php
#	resources/lang/sl/admin/custom_fields/general.php
#	resources/lang/sl/admin/hardware/table.php
#	resources/lang/sl/admin/kits/general.php
#	resources/lang/sl/admin/manufacturers/message.php
#	resources/lang/sl/admin/models/general.php
#	resources/lang/sl/admin/settings/general.php
#	resources/lang/sl/admin/users/general.php
#	resources/lang/sl/auth/message.php
#	resources/lang/sl/button.php
#	resources/lang/sl/help.php
#	resources/lang/sr-CS/button.php
#	resources/lang/ta/button.php
#	resources/lang/th/button.php
#	resources/lang/th/mail.php
#	resources/lang/tl/button.php
#	resources/lang/tr/admin/settings/general.php
#	resources/lang/tr/auth/message.php
#	resources/lang/tr/button.php
#	resources/lang/uk/button.php
#	resources/lang/ur-PK/button.php
#	resources/lang/vi/button.php
#	resources/lang/zh-CN/button.php
#	resources/lang/zh-HK/button.php
#	resources/lang/zh-TW/admin/hardware/table.php
#	resources/lang/zh-TW/button.php
#	resources/lang/zu/button.php
#	resources/views/models/custom_fields_form.blade.php
#	resources/views/reports/custom.blade.php
#	resources/views/settings/slack.blade.php
2021-12-16 14:26:24 -08:00
Alex Janes 6898119891 Replaced env() with config() to check environment variables
Made the app.php description for 'REQUIRE_SAML' a bit more... descriptive.
2021-12-16 16:56:39 -05:00
Alex Janes a6116a1b15 If SAML required, don't accept login form post. 2021-12-16 14:33:25 -05:00
Alex Janes 3c8d70c5fb Add option to environment to require SAML for a more secure installation. 2021-12-16 11:44:07 -05:00
Bradley Coudriet dbdc1c7f3f
Update SettingsController.php to save Slack Settings
This goes with #10438 that I just submitted about Slack Settings not saving.

This adds the necessary code to actually save the Slack Settings,
As they are already validated by the SlackSettingsRequest, this seems like an easy and low-impact fix.
2021-12-15 10:38:51 -05:00
Ivan Nieto Vivanco c80aa2a289 Add title column to custom reports 2021-12-14 12:05:33 -06:00
Ivan Nieto Vivanco 0037cdb00c Add title column to custom reports 2021-12-13 20:27:23 -06:00
snipe 25e2e7ecc6
Merge pull request #10418 from inietov/fixes/bulk_edit_count_more_users_than_selected
Fixes bulk edit message counts more users than the actual selected users number
2021-12-13 14:13:14 -08:00
snipe 9d5d1a9f9a Added escape to assigned_to API response
Signed-off-by: snipe <snipe@snipe.net>
2021-12-13 12:03:03 -08:00
Ivan Nieto Vivanco a419a690d4 Add a variable to better control the selected user's ids 2021-12-11 18:01:38 -06:00
Brady Wetherington ea71086dfc Yank assetlog from eager-load clause in API query for develop 2021-12-10 18:50:34 -08:00
Brady Wetherington acfb41f129 Remove 'actionlog' from the ::with() clause in the asset query API 2021-12-10 18:42:56 -08:00
Haxatron 1699c09758
Update AssetModelsController.php 2021-12-09 21:42:18 +08:00
Haxatron 918e7c8dae
Fix access control - https://huntr.dev/bounties/19453ef1-4d77-4cff-b7e8-1bc8f3af0862/ 2021-12-09 12:57:04 +08:00
snipe 86afe6c4b1 Cleanup slack validation
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 18:03:56 -08:00
snipe ff97b359ad Removed form request on ajax, cleaned up some other things
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 17:58:46 -08:00
snipe 81b66d0039 Change validation failure to 422 to make it consistent with Laravel's default
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 17:54:35 -08:00
snipe 8fa690b635 Reverting form request because it doesn't seem to work (????!!)
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 17:54:15 -08:00
snipe 8c1cd87831 Added slacksettingsrequest as use statement
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 15:56:22 -08:00
snipe 80d36cd72b Added slack settings request
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 15:53:05 -08:00
snipe 6d84482104
Merge pull request #10388 from snipe/features/switch_to_dusk
WIP - Fixing unit tests, switching to dusk
2021-12-06 14:19:36 -08:00
snipe ebdbc20740 Adds stricter validation for slack endpoints
Signed-off-by: snipe <snipe@snipe.net>
2021-12-06 11:40:24 -08:00
snipe f334bf1058 Fixed notification tests
Signed-off-by: snipe <snipe@snipe.net>
2021-12-02 20:01:03 -08:00
snipe 00b63fe7c7 Fixed category factory methods
Signed-off-by: snipe <snipe@snipe.net>
2021-12-02 13:40:16 -08:00
snipe cae62fd4c7
Merge pull request #9902 from SidingsMedia/sum_cost_by_quantity
Fixed #5676: Sum cost by quantity
2021-12-02 12:13:04 -08:00
snipe d08c1787a1 First steps at getting dusk working
Signed-off-by: snipe <snipe@snipe.net>
2021-11-30 20:09:29 -08:00
snipe ff81e6d536
Merge pull request #10361 from snipe/fixes/xss_in_accessories_checkout_notes
Escape notes in transformCheckedOutAccessory
2021-11-24 19:56:36 -08:00
snipe 00fad35c2a Escape notes in transformCheckedOutAccessory
Signed-off-by: snipe <snipe@snipe.net>
2021-11-24 19:54:45 -08:00
snipe 3debe78574
Merge pull request #10350 from inietov/fixes/trim_custom_fields_names
Apply trim() function when storing Custom Fields names
2021-11-24 19:42:04 -08:00
snipe 29bbfad693 Applied escaping fix from master to develop
Signed-off-by: snipe <snipe@snipe.net>
2021-11-24 19:38:27 -08:00
snipe 830d07f84f Removed escaping on input save for asset checkout on creation
Signed-off-by: snipe <snipe@snipe.net>
2021-11-24 19:19:32 -08:00
Ivan Nieto Vivanco 1ca770895a Apply trim() function when storing Custom Fields names 2021-11-22 18:43:21 -06:00
Matthew Nickson 9381ba2404
Merge branch 'develop' into sum_cost_by_quantity 2021-11-21 18:59:34 +00:00
Brady Wetherington e8f5dc85a6 Downgraded a FIXME to a TODO 2021-11-19 16:38:46 -08:00
snipe c49c5f4164 Added text-right to presenters for money values
Signed-off-by: snipe <snipe@snipe.net>
2021-11-18 15:09:17 -08:00
snipe bbb0d1be17 Possible fix for asset model editing when no custom fieldset is associated
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 21:09:35 -08:00
snipe f7b483358f Escape custom field values in API response
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 20:32:59 -08:00
snipe 476e17055b Escape custom fields in API response
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 20:31:01 -08:00
snipe 46d2f8a81d Disallow file upload to backups on demo
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 19:42:02 -08:00