Ivan Nieto
025ea93f05
Fix for when a user with the correct permissions couldn't update Manufacturers. ( #7882 )
...
* Changed the ability name from 'edit' to 'update'. Changed the order of execution: first checks if the manufacturer exists, then checks permissions
* Handles the update method, that also has the ability parameter as edit instead of update"
q
* Revert "Handles the update method, that also has the ability parameter as edit instead of update""
This reverts commit d7dc0e451e
.
* Handles the update method, that also has the ability parameter as 'edit' instead of 'update'
2020-03-06 15:59:51 -08:00
snipe
54fd8f81ff
Added permissions on user api ( #7883 )
...
* Add permissions to user edit API
* Add user permissions on user create/update API endpoint
2020-03-06 15:28:46 -08:00
snipe
ca43554327
Fixes search by serial or tag even if they have slashes in them ( #7879 )
...
* Fixes search by serial or tag even if they have slashes in them
* Added support for url param byTag and bySerial
* Fixed typo comments
* Sojme additional comments to clarify use-cases
* Updated comments for clarity
2020-03-06 14:55:20 -08:00
snipe
61bdb88ba5
Add @ColinMcNeil as a contributor
2020-03-04 22:38:09 -08:00
snipe
36696ab56e
Add @bigtreeEdo as a contributor
2020-03-04 22:37:57 -08:00
snipe
f0f9b93652
Add @Godmartinz as a contributor
2020-03-04 22:37:45 -08:00
snipe
a2fae76eaf
Bumped version
2020-03-04 22:37:17 -08:00
snipe
8b2f8ef3cb
Spelling is hard :(
2020-03-04 22:19:59 -08:00
snipe
5307e57bd9
Fix for CVE-2019-10772
...
Vuln in SVG sanitizer library
2020-03-04 22:15:31 -08:00
snipe
15518852aa
Added validation to reject email addresses over 250 characters
2020-03-04 22:08:07 -08:00
snipe
60fc1d3f6d
Added/matched forgotten password strings in lang files
2020-03-04 22:07:35 -08:00
snipe
d1a8d76d85
Set maxlength in password reset form to 250
2020-03-04 22:06:43 -08:00
snipe
803f5ad0ab
Fixed #7870 : fixed SSL connectivity for PaaS DBs ( #7874 )
2020-03-04 19:39:23 -08:00
Godfrey Martinez
0e0fe967e4
BadMethodCallException Method update does [ch10544] ( #7804 )
2020-02-10 19:27:23 -08:00
snipe
192917cc84
Slightly better fix for requestable import bug
2020-02-10 17:34:32 -08:00
snipe
81880645ed
Possible requestable fix
2020-02-10 11:40:39 -08:00
snipe
9eb4b0dda7
Disallow 0 as a number for labels per page
2020-02-04 19:14:58 -08:00
snipe
2f0ed129f0
Use “invalid barcode” image and suppress errors when barcode format is wrong
2020-02-04 18:15:01 -08:00
snipe
3361b859c0
Changes offset to use the actual item count as override instead of 0 ( #7788 )
2020-02-04 12:32:24 -08:00
bigtreeEdo
e27a9b137b
added 'requestable' to fillable attributes. ( #7787 )
2020-02-03 19:37:03 -08:00
snipe
89e2a3ae3c
Fixed #7752 - reformat /api/v1/users/me to use transformer
2020-01-30 13:12:43 -08:00
snipe
5f85d8132b
Fix for weird JSON parsing in actionlogs ( #7753 )
...
* Fix for weird JSON parsing in actionlogs
* Removed debugging code
* Check for the meta array
(If no fields, no array)
2020-01-24 17:31:43 -08:00
snipe
ca1285ec08
Updated favicon
2020-01-23 19:49:46 -08:00
Ivan Nieto
75bf8f3d58
Remove not existent variable 'id' in the redirect causing [ch10602] ( #7732 )
2020-01-17 16:12:24 -08:00
snipe
324da7c0c8
Include correct license, asset, etc count on user show API call
2019-12-19 18:09:53 -08:00
snipe
779fc6d195
Added license endpoint for users
2019-12-19 18:00:36 -08:00
Colin McNeil
db59106c3e
Move ldap import ini settings to config ( #7679 )
2019-12-19 11:51:55 -08:00
snipe
88fb1370f0
Added slightly friendlier error handling for assets without models
...
This scenario should never happen, barring someone manually editing their data, but better to handle that scenario in a more user-friendly way.
2019-12-06 18:17:03 -08:00
snipe
943cf40247
Merge branch 'master' of https://github.com/snipe/snipe-it
2019-12-06 13:14:31 -08:00
snipe
ff57f10e9f
Fix for searching on child location names ( #7646 )
...
* Fix for child locations
* Reverts temp changes to indenter
2019-12-06 13:14:10 -08:00
snipe
91bb76fd8a
Bumped version
2019-12-06 13:05:20 -08:00
snipe
893454dca7
Updated translations
2019-12-06 12:03:04 -08:00
snipe
de0b5a6149
Fixes #6440 - quote marks in the right place
2019-12-06 11:04:16 -08:00
Dustin B
8fd4e35244
Closes #6440 Print All Assigned - New Tab ( #7135 )
...
Should add the functionality to, by default open in a new tab and not reference back to the source page. Reduces overhead and should resolve #6440 .
Untested, need confirmation.
2019-12-06 11:00:01 -08:00
snipe
e71e57f16a
Fixed XSS vulnerability in SVG image uploads [ch10476] ( #7639 )
...
* Added enshrined/svg-sanitize
* Added modular image resizing/SVG cleaning method
(This already exists in v5, so I mostly ported it forward and added the SVG sanitizer.)
* Use improved handleImages method to upload/resize/clean images
* Removed $old_image
This is handled in the ImageUpload request now
2019-12-05 22:23:05 -08:00
snipe
3f5840d390
Bumped vendor files
2019-12-05 19:53:01 -08:00
dependabot[bot]
d3f4205f09
Bump symfony/http-foundation from 3.4.30 to 3.4.36 ( #7638 )
...
Bumps [symfony/http-foundation](https://github.com/symfony/http-foundation ) from 3.4.30 to 3.4.36.
- [Release notes](https://github.com/symfony/http-foundation/releases )
- [Changelog](https://github.com/symfony/http-foundation/blob/master/CHANGELOG.md )
- [Commits](https://github.com/symfony/http-foundation/compare/v3.4.30...v3.4.36 )
Signed-off-by: dependabot[bot] <support@github.com>
2019-12-05 19:37:00 -08:00
Godfrey Martinez
5b946087c4
added a proper response for password errors ( #7636 )
2019-12-05 17:49:56 -08:00
snipe
ff8d98c97c
Update child assets to reflect asset parent location ( #7458 )
2019-12-04 16:19:25 -08:00
snipe
2fbbe430b5
Removed escaping on custom fields in presenter ( #7631 )
2019-12-03 17:42:13 -08:00
Godfrey Martinez
f0af750b0a
Fixed comment ( #7617 )
...
* Set theme jekyll-theme-hacker
* fixed commenty about scopebyDeprecationID being identified as a method to location ID
* fixed commenty about scopebyDeprecationID being identified as a method to location ID
2019-11-22 16:13:42 -08:00
snipe
88cf456386
Adding Dept to license seats ( #7609 )
...
* Adding Dept to license seats
* Added query scope to order by department
* Make license seat department sortable
* Disable license seat internal search - this never actually worked
2019-11-21 22:03:56 -08:00
snipe
d8049209ca
Fixed bug where deleted consumable would throw an error on print page
2019-11-21 21:43:54 -08:00
snipe
dd40ddf5a5
Fixed an error on audit due list when no audit_warning_days had been set [ch9764]
2019-11-21 21:34:41 -08:00
snipe
a73fd24695
Fix maintenances permissions check to allow users who can edit assets to edit maintenances
2019-11-08 17:02:17 -08:00
snipe
70c8ad9797
Bumped minor version
2019-10-28 13:55:21 -07:00
snipe
0290257734
Limit license seats to 999 to prevent latency
2019-10-28 13:48:18 -07:00
snipe
4fe689dc5d
Merge branch 'master' of https://github.com/snipe/snipe-it
2019-10-21 15:45:17 -07:00
snipe
0769f585ea
Disallow locations from being their own parents
2019-10-21 15:45:05 -07:00
snipe
04562e6d4a
Added 4260352 to ldapsync enabled account constraint
2019-10-18 17:48:50 -07:00