Commit graph

560 commits

Author SHA1 Message Date
snipe 250a797339 Fixed #7250 - permission issue for API fieldsets and fields endpoints
This applies the change from #7294 to master
2019-07-24 11:00:42 -07:00
Marián Skrip 8a1f6b74e8 Fix permission issue for API fieldsets and fields endpoints (#7294)
Close snipe/snipe-it#7250
2019-07-24 10:57:09 -07:00
snipe 444e250609 Fixed countable() strings on user destroy 2019-07-17 17:51:13 -07:00
snipe b4b6d6b571 Comment clarification on #7186 2019-07-15 15:31:09 -07:00
snipe 8c73a47afb Fixed #7186 - has vs filled in User’s API blanking out groups if no group_ids are passed 2019-07-15 15:27:02 -07:00
snipe f82ffe378c Merge branch 'master' of https://github.com/snipe/snipe-it 2019-07-15 14:11:18 -07:00
snipe 984c2a8fd4 Better log message for bad LDAP connection 2019-07-15 14:10:57 -07:00
Ivan Nieto d409be6d43 Fix #6910: Add logic to manipulate the eloquent query. (#7006)
* Added company_id to consumables_users table

* Added logic to manage when a pivot table doesn't have the column company_id trough a join with users

* Remove a migration that tries to fix this problem, but is not longer necessary
2019-07-15 13:02:44 -07:00
vicleos c6039cbc1d Vicleos fix storage namespace (#6901)
* Update CompaniesController.php

fixed companies destroy error

* fix Storage namespace loss
2019-05-30 19:10:04 -07:00
snipe 56576d9e45 Fixed more camel-casing -> snake-casing 2019-05-24 16:01:12 -07:00
snipe d5c3ee5ed0 Only try to get fieldset if model is valid 2019-05-24 15:44:54 -07:00
snipe d596ced0a0 Fixed free_seats_count variable name
(I forgot that Laravel switched camel case to snake case for their old 5.4 withCount variables)
2019-05-24 15:44:18 -07:00
snipe 93bf541ce7 Fixed missed consumables_count withCount() statement 2019-05-24 14:21:53 -07:00
snipe c5a23e8f5e Fixed bug where sorting by company name in Users API did not work
Fixes [ch9200]
2019-05-24 13:37:20 -07:00
snipe 2d036c64e9 Change ->has() to ->filled() 2019-05-23 17:39:50 -07:00
snipe 4be8ba9f17 Updated withCount to use manual naming 2019-05-22 00:52:51 -07:00
snipe 0358d13ddb Fixed #7044 - API update deleted custom fields if they are not re-presented 2019-05-20 11:49:18 -07:00
snipe 9eb7b668d1 Fixed #6880 - correctly encrypt encrypted fields via the API 2019-05-15 19:33:30 -07:00
snipe 888bdbdb68 Added ability to update groups via API
Fixes [ch9139]
2019-05-15 16:39:34 -07:00
Ivan Nieto e40a5a70a5 RTF support added (#7024)
* Added the Gatte Facade to AssetsController

* Added the filetype RTF in the modal to upload files

* Added validation of RTF files
2019-05-15 15:47:40 -07:00
snipe 407445456a Merge branch 'features/6204_email_audit-alerts' into develop
# Conflicts:
#	app/Console/Commands/LdapSync.php
#	app/Console/Kernel.php
#	app/Http/Controllers/Auth/LoginController.php
#	app/Http/Controllers/LicensesController.php
#	composer.json
#	composer.lock
#	config/version.php
#	resources/views/auth/two_factor_enroll.blade.php
2019-05-06 08:45:13 -04:00
snipe e5c2d77c7d
Fixes #6204 - added email alerts and web/API access to assets due for audits (#6992)
* Added upcoming audit report

TODO: Fid diff/threshold math

* Added route to list overdue / upcoming assets via API

* Controller/API methods for due/overdue audits

We could probably skip this and just handle it via view in the routes…

* Added query scopes for due and overdue audits

* Added audit due console command to kernel

* Added ability to pass audit specs to main API asset search method

* Added audit presenter

* Added bootstrap-tables presenter formatter to display an audit button

* Added gated sidenav items to left nav

* Added audit due/overdue blades

* Cleanup on audit due/overdue console command

* Added language strings for audit views

* Fixed :threshold placeholder

* Removed unused setting variable

* Fixed next audit date math

* Added scope for both overdue and upcoming

* Derp. Wrong version

* Bumped version

(I will release this version officially tomorrow)
2019-05-05 22:32:52 -04:00
snipe e4a298ca2a Added scope for both overdue and upcoming 2019-05-05 22:13:30 -04:00
snipe 0f0ffd39a8 Added ability to pass audit specs to main API asset search method 2019-05-05 19:19:56 -04:00
snipe dc73dbfbfd Fixed #6911 - note must be a string on license checkin 2019-05-02 15:20:47 -07:00
Ivan Nieto b1f96448af Remove old redundant code in LicensesController, added an offset to AccessoriesController for pagination to work correctly (#6847) 2019-04-02 10:13:58 -07:00
snipe bca82684a1 Merge branch 'hotfixes/2fa_qr' into develop
# Conflicts:
#	.all-contributorsrc
#	Dockerfile
#	README.md
#	app/Console/Commands/LdapSync.php
#	app/Http/Controllers/Api/ImportController.php
#	app/Http/Controllers/AssetModelsController.php
#	app/Http/Controllers/Assets/AssetsController.php
#	app/Http/Controllers/Auth/LoginController.php
#	app/Http/Controllers/CategoriesController.php
#	app/Http/Controllers/CompaniesController.php
#	app/Http/Controllers/DepartmentsController.php
#	app/Http/Controllers/ImportsController.php
#	app/Http/Controllers/LocationsController.php
#	app/Http/Controllers/ManufacturersController.php
#	app/Http/Controllers/SuppliersController.php
#	app/Http/Requests/ItemImportRequest.php
#	app/Http/Transformers/ActionlogsTransformer.php
#	composer.json
#	composer.lock
#	config/app.php
#	config/version.php
#	docker/startup.sh
#	public/css/build/all.css
#	public/css/dist/all.css
#	public/js/build/all.js
#	public/js/build/vue.js
#	public/js/build/vue.js.map
#	public/js/dist/all.js
#	public/mix-manifest.json
2019-03-20 02:17:02 -07:00
snipe 0e1289f12f
Fixes #6821 - fixed 2 fa active for users list (#6822)
* Fixed #6821 - confusing UI for 2FA when 2FA is universally enforced

I also updated the language in the user’s listing table to clarify what “activated” means

* Added login enabled info to user view

* Clarified comments

* Added info about 2FA on user profile

Because why not

* Added nowrap to table, and added 2FA reset for superadmins
2019-03-18 11:59:02 -07:00
snipe 7b33f95e83
Fixes/import permissions mask (#6826)
* Check for empty headers in import

* Added import permission

* Fixed model path in docblock

* Added import gate to default blade

* Check if the user is an admin OR idf they have import permissions

* Walked back that admin permission

Since admins are bound by full company support, it makes less sense to let admins have this permission by default, versus having them specifically designated to the import permission
2019-03-18 11:58:08 -07:00
Marián Skrip 8d63533205 Add write-only image_source field for asset create/edit API endpoint (#6146)
`image_source` should contain base64 encoded image data with mime-type.
2019-03-13 21:00:40 -07:00
Ivan Nieto 8c65214b1f Ignore the soft deleted assets in the eloquent query (#6824) 2019-03-13 20:14:30 -07:00
Martin Meredith e3e0d57f56 Minor code cleanup bits and bobs (#6805)
* Add IDE Helper files

* Cleanup imports

- Alphabetises imports
- Removes unused imports

* Add Platform requirements

* Move filling asset into block where asset exists

* Remove duplicate array keys
2019-03-13 20:12:03 -07:00
snipe 858d382e26 Changed logging to info level for LDAP 2019-03-13 15:14:03 -07:00
snipe 1b0d855c00 Added translation, removed commented out code 2019-03-13 12:15:48 -07:00
snipe 61afdeac2e Merge branch 'develop' of https://github.com/VELIKII-DIVAN/snipe-it into VELIKII-DIVAN-develop 2019-03-08 16:18:48 -08:00
snipe 5293cb30bd Merge branch 'fixes/only_present_image_url_if_image_present_in_profile_api' into develop 2019-03-05 23:54:08 -08:00
snipe 6d98bd6846
Fixed error if item requested or request was deleted (#6786)
ch628
2019-03-05 23:47:36 -08:00
snipe 0b0813b260 Fixed error if item requested or request was deleted
ch628
2019-03-05 23:46:40 -08:00
snipe 28a450ea25
Added ability to do full name search in user dropdown selectlist (#6784) 2019-03-05 21:13:39 -08:00
snipe 6696685d0b Merge branch 'fixes/full_name_search_user_selectlist' into develop
# Conflicts:
#	app/Http/Controllers/Api/UsersController.php
#	routes/api.php
2019-03-05 20:57:10 -08:00
snipe f065bd7784 Added ability to do full name search in user dropdown selectlist 2019-03-05 20:40:05 -08:00
snipe 288cc01c41 Merge branch 'features/accessories_users' into develop
# Conflicts:
#	app/Http/Controllers/Api/UsersController.php
#	config/version.php
#	routes/api.php
2019-03-01 17:30:03 -08:00
snipe 9575cd2651
Add accessories endpoint to user API (#6775) 2019-03-01 17:21:03 -08:00
snipe 348c13f318 Add accessories endpoint to user API 2019-03-01 16:31:22 -08:00
Dmitrii Minaev 16bb784e78 Codestyle & bug fixes 2019-02-28 01:37:58 +03:00
Dmitrii Minaev d3c320e56f Code comments and format 2019-02-23 22:44:03 +03:00
Dmitrii Minaev 5f3a0bdea5 app\Services\PredefinedKitService.php rename to app\Services\PredefinedKitCheckoutService.php
add accessories and consumables tables
add selectlist api to:
 app\Http\Controllers\Api\AccessoriesController.php
 app\Http\Controllers\Api\ConsumablesController.php
 app\Http\Controllers\Api\LicensesController.php
templates for selectlist
apply kit to user works
2019-02-19 22:19:00 +03:00
snipe 0242b3ec74 Handled JS cookie offset issue on the server side
We may want to handle this via the blades instead, as I’m not sure if API users will run into weirdness here.
2019-02-14 15:01:34 -08:00
snipe b26fbf986f Fixed issue where offset could be greater than total items, resulting in “No results” confusion 2019-02-14 14:49:08 -08:00
snipe 5c9b1ed43a Fixed #6676 - consumables API not respecting category id 2019-02-14 14:48:43 -08:00
snipe cd333fa93b Fixed wonky merge :( 2019-02-13 06:52:36 -08:00
snipe 533649f24e Merge branch 'develop' into dev-master-integration
# Conflicts:
#	.gitignore
#	.travis.yml
#	app/Console/Commands/LdapSync.php
#	app/Console/Commands/SendExpectedCheckinAlerts.php
#	app/Console/Commands/SendExpirationAlerts.php
#	app/Console/Commands/SendInventoryAlerts.php
#	app/Console/Kernel.php
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/Api/ManufacturersController.php
#	app/Http/Controllers/Api/StatuslabelsController.php
#	app/Http/Controllers/Api/UsersController.php
#	app/Http/Controllers/AssetMaintenancesController.php
#	app/Http/Controllers/Assets/AssetsController.php
#	app/Http/Controllers/Auth/ForgotPasswordController.php
#	app/Http/Controllers/Auth/LoginController.php
#	app/Http/Controllers/Auth/ResetPasswordController.php
#	app/Http/Controllers/ReportsController.php
#	app/Http/Controllers/SettingsController.php
#	app/Http/Controllers/UsersController.php
#	app/Http/Transformers/AssetMaintenancesTransformer.php
#	app/Importer/Importer.php
#	app/Importer/ItemImporter.php
#	app/Importer/UserImporter.php
#	app/Importer/import_mappings.md
#	app/Models/Ldap.php
#	app/Models/License.php
#	app/Models/Location.php
#	app/Models/Recipients/AlertRecipient.php
#	app/Models/User.php
#	app/Providers/AppServiceProvider.php
#	composer.json
#	composer.lock
#	config/trustedproxy.php
#	config/version.php
#	public/js/build/all.js
#	public/js/build/vue.js
#	public/js/build/vue.js.map
#	public/js/dist/all.js
#	public/mix-manifest.json
#	resources/assets/js/components/importer/importer-file.vue
#	resources/lang/ar/admin/settings/general.php
#	resources/lang/bg/admin/settings/general.php
#	resources/lang/en-ID/admin/settings/general.php
#	resources/lang/en-ID/passwords.php
#	resources/lang/en/passwords.php
#	resources/lang/es-CO/passwords.php
#	resources/lang/es-ES/passwords.php
#	resources/lang/es-MX/passwords.php
#	resources/lang/es-VE/passwords.php
#	resources/lang/fi/admin/settings/general.php
#	resources/lang/id/admin/settings/general.php
#	resources/lang/id/passwords.php
#	resources/lang/ja/passwords.php
#	resources/lang/nl/passwords.php
#	resources/lang/pl/admin/settings/general.php
#	resources/lang/pl/passwords.php
#	resources/lang/pt-BR/admin/settings/general.php
#	resources/lang/pt-BR/passwords.php
#	resources/lang/ru/admin/settings/general.php
#	resources/lang/ru/admin/statuslabels/table.php
#	resources/lang/ru/passwords.php
#	resources/lang/sr-CS/general.php
#	resources/lang/sr-CS/mail.php
#	resources/lang/sv-SE/admin/settings/general.php
#	resources/lang/tr/admin/settings/general.php
#	resources/lang/tr/passwords.php
#	resources/lang/vi/admin/models/message.php
#	resources/lang/vi/admin/users/general.php
#	resources/lang/zh-CN/admin/settings/general.php
#	resources/views/importer/import.blade.php
#	resources/views/partials/bootstrap-table.blade.php
#	resources/views/partials/forms/edit/image-upload.blade.php
#	resources/views/users/edit.blade.php
#	resources/views/users/view.blade.php
#	tests/unit/ImporterTest.php
2019-02-13 06:42:52 -08:00
snipe f1fa5bdaa9 Fixed (develop) #6704 - don’t apply gate to $arrays collection, just check that they can view assets 2019-02-13 04:56:13 -08:00
snipe aa1e06f021 One more time…. Fixed #6704 - don’t apply gate to $arrays collection, just check that they can view assets 2019-02-13 04:46:19 -08:00
snipe 30b1cfabf5 Fixed dumb formatting 2019-02-13 04:45:21 -08:00
snipe e75d22ab73 Revert "Fixed #6704 - don’t apply gate to $arrays collection, just check that they can view assets"
This reverts commit b1e17743b8.
2019-02-13 04:44:19 -08:00
snipe b1e17743b8 Fixed #6704 - don’t apply gate to $arrays collection, just check that they can view assets 2019-02-13 04:35:55 -08:00
snipe b317fb8d83 Fixed #6367 - pass table name and column_id to scopeCompanyables 2019-02-13 01:29:53 -08:00
snipe e2c0f01a10 Fixed #6367 - pass table name and column_id to scopeCompanyables
Solves error: Integrity constraint violation: 1052 Column 'company_id' in where clause is ambiguous
2019-02-13 01:26:11 -08:00
snipe 8e358faebc Fixed #6113 - use $asset->fill vs filled() to allow blanking values via API 2019-02-12 22:15:32 -08:00
snipe 90cddb7aee
Fixed #6113 - use $asset->fill vs filled() to allow blanking values via API (#6693)
Need to confirm that re-enabling `\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,` won’t mangle anything. I know we ran into some issues when testing a long time ago, but not sure those issues apply anymore, and I can’t remember what they were.
2019-02-12 22:08:38 -08:00
snipe 4fd469e07b Prevent editing special users demo mode 2019-02-04 19:13:55 -08:00
snipe 4fe63d2966 Fixed #6633 - return 200 status code on asset API 2019-02-04 18:59:49 -08:00
snipe 971fcf5800 Fixed #6633 - return 200 status code 2019-02-04 18:58:28 -08:00
snipe d1fe7abb18 Replaced custom deleted query scopes with onlyTrashed() 2019-01-24 14:47:44 -08:00
bricelabelle 5281713fd9 Added #6617: View licenses checked out to an asset with the hardware API (#6621) 2019-01-22 14:47:40 -08:00
NMathar 66f557d436 add user license api endpoint fix #6241 (#6616) 2019-01-22 13:48:15 -08:00
Steffen 1de9087427 LDAP fixes (#6533)
* Add iCheck png files to webpack config (inconsistency for css <> png) and blue.png to public folder

* php 7.3 collect() fix (undefined variable)

* Fix travis ci

* Add iCheck png files to webpack config (inconsistency for css <> png) and blue.png to public folder

* php 7.3 collect() fix (undefined variable)

* change LDAP implementation from model to (singleton) service

* Re-apply check for content in ldap_server variable before parsing

* Update LDAP implementation

* Switch iCheck to minimal as referenced in js

* Don't init on load but on first access via init (returns ldap enabled status)

* Re-Enable notifications

* Re-add missing test target php versions

* Only init() once (singleton class, so ldap variable is already set)
2019-01-10 13:20:43 -08:00
Ivan Nieto 876ff2ef72 Fixes #6341. Some style changes in this fix. (#6492) 2018-12-14 18:08:33 -08:00
Wes Hulette 34246ee4ef [WIP] v5 Develop: New LDAP implementation (#6352)
* Fixed missing oauth tables during setup.

* WIP New LDAP implementation

* WIP New LDAP implementation

* WIP New LDAP implementation


Merge remote-tracking branch 'origin/WIP_LDAP' into WIP_LDAP

* WIP New LDAP implementation

Added Adldap2 to handle ldap intergration.

* Updated per PR quality review

* Added specific LDAP settings method

* Corrected version number

* Added return documentation

* Added imports

* Changed class to be injected into controller

* Updated with PR suggestions
2018-12-06 14:05:43 -08:00
Ivan Nieto f91e340178 Fixes #6341. Adding condition that checks offset of licenses seats when the user looks other page than the first. (#6392) 2018-12-05 18:09:54 -08:00
Minaev Dmitriy 79d979f47f Full kits manipulation without users intagration 2018-11-06 19:27:28 +03:00
snipe 8f22cf7c3c Added dept update API endpoint 2018-10-31 14:31:57 -07:00
Minaev Dmitriy 9d5cd27575 New save mechanic 2018-10-31 16:06:38 +03:00
Minaev Dmitriy f1f7694835 Merge remote-tracking branch 'remotes/upstream/develop' into develop 2018-10-19 19:00:53 +03:00
Minaev Dmitriy 0e66c3cb56 Predefined kits test 2018-10-19 17:30:25 +03:00
snipe d4fa81301d Check if user can see assets in statuslabels gate 2018-10-09 16:34:12 -07:00
snipe 84848fabd7 Fixed #6284 - missing checkout information on Status Labels API assets endpoint 2018-10-03 10:30:24 -07:00
snipe 79367642b1
[WIP] Added #5957 - Flysystem support (#6262)
* Added AWS url to example env

* Upgrader - added check for new storage path and attempt to move

* Ignore symlink

* Updated paths for models

* Moved copy methods

* Added AWS_URL support

For some reasin, Flysystem was generating the wrong AWS url (with a region included)

* Switch to Flysystem for image uploads

* Nicer display of image preview

* Updated image preview on edit blades to use Flysystem

* Twiddled some more paths

* Working filesystems config

* Updated Asset Models and Departments to use Flysystem

* Janky workaround for differing S3/local urls/paths

* Try to smartly use S3 as public disk if S3 is configured

* Use public disk Storage options for public files

* Additional transformer edits for Flysystem

* Removed debugging

* Added missing use Storage directive

* Updated seeders to use Flysystem

* Default logo

* Set a default width

We can potentially override this in settings later

* Use Flysystem for logo upload

* Update downloadFile to use Flysystem

* Updated AssetFilesController to use Flysystem

* Updated acceptance signatures to use Flysystem

* Updated signature view to use Flysystem

This isn’t working 100% yet

* Use Flysystem facade for displaying asset image

* Set assets path

Should clean all these up when we’re done here

* Added Rackspace support for Flysystem

* Added Flysystem migrator console command

* Added use Storage directive for categories

* Added user avatars to Flysystem

* Added profile avatar to Flysystem

* Added the option to delete local files with the migrator

* Added a check to prevent people from trying to move from local to local

* Fixed the selectlists for Flysystem

* Fixed the getImageUrl method to reflect Flysystem

* Fixed AWS copy process

* Fixed models path

* More selectlist updates for Flysystem

* Updated example .envs with updated env variable names

* *sigh*

* Updated non-asset getImageUrl() methods to use Flysystem

* Removed S3 hardcoding

* Use Flysystem in email headers

* Fixed typo

* Removed camera support from asset file upload

We’ll find a way to add this in later (and add that support to all of the other image uploads as well)

* Fixed path for categories

* WIP - Switched to standard handleImages for asset upload.

This is currently broken as I refact the handleImages method. Because the assets store/create methods use their own Form Request, the handleImages method doesn’t exist in that Form Request so it wil error now.

* Fixed css URL error

* Updated Debugbar to latest version (#6265)

v3.2 adds support for Laravel 5.7

* Fixed: Missing CSS file in basic.blade.php (#6264)

* Fixed missing CSS file in basic.blade.php

* Added

* Changed stylesheet import for authorize.blade.php

* Updated composer lock

* Added AWS_BUCKET_ROOT as env variable

* Use nicer image preview for logo upload

* Removed AssetRequest form request

* Removed asset form request, moved custom field validation into model

* Added additional help text for logo upload

* Increased the size of the image resize - should make this a setting tho

* Few more formatting tweaks to logo section of branding blade preview

* Use Flysystem for asset/license file uploads

* Use Flysystem for removing images from models that have been deleted

* Enable backups to use Flysystem

This only handles part of the problem. This just makes it so we can ship files to S3 if we want, but does not account for how we backup files that are hosted on S3

* Use Flysystem to download license files

* Updated audits to use Flysystem
2018-09-29 21:33:52 -07:00
snipe eea65a3f26 Fixed manufacturers item count 2018-09-28 12:03:27 -07:00
snipe e5d0f74ba7 Fixed #6248 - add free seats to licenses API endpoint 2018-09-27 12:07:13 -07:00
snipe bcf9d2f75c Don’t require statuslabel view to check for deployable status 2018-09-25 13:39:54 -07:00
snipe 9108ff8caa fixed typo 2018-09-24 19:06:12 -07:00
snipe d5cf0f1fbd Prevent deleting manufactureres via API if they have items/models 2018-09-24 19:04:00 -07:00
snipe 4b2093b485 Added counts to location show() API method 2018-09-21 15:51:26 -07:00
snipe b69b5fdf84 Added counts to location show() API method 2018-09-21 15:50:14 -07:00
snipe d84366c6c5 Add empty array to groups if none filled in 2018-09-19 17:24:34 -07:00
Ivan Nieto b692f67779 Revision of #5471 (#6148)
* Search functionality in accessories/{accessory} issue #5471:
From the collection of users displayed just filtered the data with the method where() and concat()
for the user can search for first name or last name. The solution is case sensitive.

* A better fix to issue #5471. Now using the established relationship to querying for the users. Also Case-insensitive.

* Fixed previous commit that has magic number in the find method parameter of AccessoriesController.
2018-09-12 22:50:45 -07:00
snipe adf6e7d1cd Added group support for user API 2018-09-07 18:25:58 -07:00
snipe ff879e2018 Added the ability to update asset location when auditing - per #5854 2018-09-07 05:39:41 -07:00
Ivan Nieto 0014ef054b Search functionality in accessories/{accessory} issue #5471: (#6070)
From the collection of users displayed just filtered the data with the method where() and concat()
for the user can search for first name or last name. The solution is case sensitive.
2018-08-28 13:25:16 -07:00
Daniel Meltzer 2637ce56a1 Allow importcontroller to return 200 for failed delete. (#6034) 2018-08-02 09:53:54 -07:00
snipe f5a5d830a5 Better handling for deleting imports where the files may have been moved 2018-08-01 20:49:55 -07:00
snipe 9168979d9e Fixed #6027 - added model to asset maintenances listing 2018-08-01 18:24:52 -07:00
snipe 3f394f42c7 Partial fix for better UI on deleting files
Still needs Vue stuff
2018-08-01 18:01:16 -07:00
snipe b2c99c88bb Fixed #6028 - added supplier url to list view 2018-08-01 17:37:58 -07:00
snipe 694166862e
Added attempted logins admin screen (#6018)
* Added attempted logins admin screen

* Smaller table spacing
2018-08-01 03:51:59 -07:00
snipe 911c2398ef Fixed #6004 - set a default next_audit_date if none provided 2018-08-01 03:04:29 -07:00
snipe 2c38036123
Improvement: Better documentation, small refactors (#6017)
* Better documentation, small refactors

* Small comment fixes
2018-08-01 00:06:41 -07:00
snipe b1b5eeecba Fixed #6013 - add accessory checkout notes to detail page 2018-07-31 16:00:38 -07:00
Daniel Meltzer 94c79fa69a Fixed #5964 - Feature: Group IDs can be passed to User Create. (#5990)
Also added to update, and adjusted api tests to confirm.  Long term it
might be nice to look at support for passing group names instead.

Bug: 5964
2018-07-27 12:01:59 -07:00
snipe 9618878023 Restrict users asset listing to just assets checked out to users 2018-07-25 21:40:33 -07:00
snipe 614e858e44 Restrict users asset listing to just assets checked out to users 2018-07-25 21:38:14 -07:00
snipe 86c1f11bec Change $request->has to $request->filled unilaterally 2018-07-24 22:51:31 -07:00
snipe 0714ac4248 Update withCounts because Laravel 5.5 :( 2018-07-24 22:40:05 -07:00
Daniel Meltzer 64d649be7f Monster: Cleanup/Refactor http controllers. (#5916)
* Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods.

* Use same image upload/layout in accessories as consum+components.

* Monster: Cleanup/Refactor http controllers.

This cleans up docblocks, pulls most non-crudy actions into their own
controllers, and does general cleanup/logic refactoring.  There /should/
be no functional changes, but we all know how should works..

Extract checkin/checkout functions to a separate controller for accessories.

Move controllers to subdirectory.

Cleanup AssetModelsController

Extract component checkin/checkout

Assorted cleanups/doc/formatting in controllers.

Refactor LicenseController.

Refactor UsersController

Update viewassetscontroller.

* Codacy cleanups

* More codacy cleanups.  Extract a LicenseCheckout Form request as well.

* A bit more refactor/cleaning of the license checkout method.

* Review Related Cleanups

* Fix most of the item_not_found translations.  In many cases, the
string being generated did not even use the id parameter.  Where it
does, pass it as id instead of as a different value.

* Remove some old $data arrays from when we manually sent emails from
the controllers.  This has been superseeded by the notification system
(yay!)

* Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
Daniel Meltzer 3bc43210ab Add ID to the allowed sort fields in api/Users. (#5929) 2018-07-23 06:46:50 -07:00
snipe 5a1e1c73c9 Include show_in_list option in select 2018-07-18 03:59:02 -07:00
snipe d9fa2f0e91 Fixed #5842 - added components to location detail view 2018-07-16 21:50:14 -07:00
Daniel Meltzer 50e0b9b84e category_id not category_i (#5844) 2018-07-16 14:23:24 -07:00
Till Deeke baa3be728d Refactoring: A nicer and easier syntax for searching models (#5841)
* Adds the ability to search by dates

Adding extra „where“-conditions to the „TextSearch“ queries, allowing the users to search by dates

* Adds missing dates to $dates in models

* Removes duplicated „where“ conditions

* Adds the Searchable trait to models, defining the searchable attributes and relations

* Removes the old text search methods

* Adds back additional conditions to the search

These conditions could not be modeled in the „attributes“ or „relations“, so we include them here

* Removes unnecessary check for the deleted_at attribute

* Fixes typo in comments

* suppresses errors from Codacy

We can safely ignore the error codacy is throwing here, since this method is a standin/noop for models who need to implement more advanced searches
2018-07-16 14:13:07 -07:00
Till Deeke 0fb9f42ba4 Removes setting the encryption status on update (#5833)
When we are updating a custom field, we don’t want to change the „field_encrypted“-setting on it.
2018-07-13 04:04:30 -07:00
Till Deeke 48bbbe0f40 Fixing authorization issues (#5807)
* adds permission checks for companies

* adds permission checks for depreciations

* adds permission check for all reports

* fixes permissions for departments

* fixes permission naming (edit -> update)

* fixes authorization checking wrong permission in API

The authorization was checking for the non-existent „edit“ method where it should have checked for the „update“ method.

* adds authorization checks for select2 lists

* adds missing authorization checks for api

* fixes user authorization check for creating users

* adds additional check viewing assets on showing a users assets

* Removes authorization checks for select2 lists

Reference: https://github.com/snipe/snipe-it/pull/5807#pullrequestreview-136018755
2018-07-12 18:28:02 -07:00
Juan Font 311f9fcefb Implemented method to get info on the current user of the API (#5722)
* Implemented method to get info on the current user of the API

* Move userinfo method to UsersController

* Added missing files
2018-07-02 20:35:10 -07:00
snipe 4c656c0321
De-normalize new counters from 4.3.0 (#5547)
* Added de-norm counter migration for assets

* Renaming counter columns, since Eloquent has a magical *_count helper

* Added artisan command to sync counters (one-off)

* Update API to use de-normed fields

* Increment counters for checkin;/checkout

* Derp.

* Added request increment/decrementer

* Move increment for checkout to the Asset::checkout method

* Added “could take a while” message
2018-05-16 19:20:43 -07:00
snipe 7b8362b64c Added license categories 2018-05-04 21:01:38 -07:00
snipe 0be69f57ac Improved files display 2018-05-02 14:13:06 -07:00
snipe 71708e349c
PHP7.2 count fixes (#5427)
* PHP 7.2 count() fixes

* Re-enable php travis 7.2
2018-04-29 06:10:49 -07:00
snipe 5365182c86 Fixed advanced search on supplier, count for PHP7.2 2018-04-25 20:25:03 -07:00
Hannah Tinkler c4c520c1a3 Fixes #4445: prevents assigned assets from being checked out in bulk checkout (#5421)
* Fixes #4445: prevents assigned assets from being checked out in bulk checkout

* Updates data attribute to more versatile 'data-asset-status-type'

* Fixes broken unit test
2018-04-25 02:39:23 -07:00
Hannah Tinkler 8d501e1c24 Feature/custom fields default values (#5389)
* Fixes CustomFieldsetsController::fields() which I think is not used anywhere else and don't think ever worked as you can't call get() on a Collection.
Have tested extensively and doesn't seem to affect anywhere else?

* Adds default value functionality

* Adds built assets

* Fixes assignment to asset_model_id which should have been evaluation and alters route so it sits more in line with existing work

* Updates built assets

* Remove silly docker.env file; fix Dockerfile to preserve Oauth keys (#5377)

* Added department to custom asset export
Updates build assets

* Adds translation support for 'add default values' checkbox label
2018-04-23 21:16:55 -07:00
Stephen c23955d0b5 Allow setting of "ldap_import" through the API (#5218)
* Allow setting of "ldap_import" through the API, this will allow cusom scripts to be made to import data from Active directory using the API, this would allow any field to be filled such as the manager (based on the ID), department etc.

* Password fix for LDAP through API
2018-04-20 14:02:52 -07:00
snipe 6efe9efab8
Fixes #5393 - added notes to suppliers API (#5400) 2018-04-19 18:28:22 -07:00
snipe bbc0695a8f
Added count of checkins, checkouts, requests (#5314)
* Added count of checkins, checkouts, requests

* Removed old commented items

* Use actionlog instead of redefining the relationship
2018-04-06 16:23:39 -07:00
snipe 8a6713d5c0
WIP - Improved requested assets (#5289)
* WIP - beginning of improved requested assets

- Use Ajax tables for faster loading
- Use new notifications for requesting an asset

TODO:
- Use ajax tables for requestable asset models
- Use new notifications for canceling an asset request
- Expire requests once the asset has been checked out to the requesting user

* Only show asset name in email if it has one

* Refactor requested method to only include non-canceled requests

* Refactored requestable assets to log request and cancelation

* Added softdeletes on checkout requests

* Differentiate between canceling and deleting requests

* Added asset request cancelation notification

* Added timestamps and corrected unique key on requests table

* Improved requests view

* Re-use blade for cancel/request email

* Refactored BS table formatter for requested assets

* Location name min reduced to 2

* Added PAT test as maintenance option

This needs to be refactored into database-driven options with a UI

* Better slack message

* Added getImageUrl method for assets

* Include qty in request notifications

TODO:
- Try to pull requested info from original request for cancelation, otherwise it will default to 1

* Removed old asset request/cancel emails

* Added user profile asset request routes

* Added profile controller requested assets method

* Added blade link to requested assets for profile view

* Sort user history desc

* Added requested assets blade

* Added canceled at to checkoutRequest method

* Include qty in request

* Fixed comment, removed allowed_columns

* Removed Queable methods, since we don’t use a queue

* Fixed return type in method doc

* Fixed version number

* Changed id to user_id for clarity
2018-04-04 17:33:02 -07:00
snipe 201efecafa Fixed #5293 - component category drilldown 2018-04-02 16:12:19 -07:00
snipe 46f5f21368
Notification improvements (#5254)
* Added “show fields in email” to custom fields

* Added “show images in email” to settings

* Added nicer HTML emails

* Break notifications out into their own, instead of trying to mash them all together

* Remove old notification for accessory checkout

* Janky fix for #5076 - “The asset you have attempted to accept was not checked out to you”

* Add method for image url for accessories

* Added accessory checkout email blade

* Make accessory email notification on checkout screen consistent with assets

* Added native consumables notifications

* Fixes for asset notification

* Updated notification blades with correct-er fields

* Updated notifications

* License checkin notification - does not work yet

Need to figure out whether the license seat is assigned to a person or an asset before we can pass the target

* Added alternate “cc” email for admins

* Only try to trigger notifications if the target is a user

* Fix tests

* Fixed consumable URL

* Removed unused notification

* Pass target type in params

* Show slack status

* Pass additional parameters

There is a logic bug in this :( Will send to slack twice, since the admin CC and the user are both using the same notification. Fuckity fuck fuck fuck.

* Pass a variable to the notification to supress the duplicate slack message

* Slack is broken :( Trying to fix

Will try a git bisect

* Put preview back into checkout

* Pulled old archaic mail

* Removed debugging

* Fixed wrong email title

* Fixed slack endpoint not firing

* Poobot, we hardly knew ye.

* Removed old, manual mail from API

* Typo :-/

* Code cleanup

* Use defined formatted date in JSON

* Use static properties for checkin/checkout notifiers for cleaner code

* Removed debugging

* Use date formatter

* Fixed target_type

* Fixed language in consumable email
2018-03-25 13:46:57 -07:00
snipe 34919b0396 Added API calls to look up assets by tag and serial 2018-03-23 14:50:11 -07:00
Brady Wetherington 085f909f35 Change duplicate header check to return 1-based header indices 2018-03-22 19:40:12 -07:00
Brady Wetherington 0b0243a5e0 Hoist file-reading before file-renaming, catch duplicate headers (#5244) 2018-03-22 19:16:15 -07:00
snipe 140724be2e Fixed #5217 - permissions error with importer for non-admins 2018-03-22 14:17:44 -07:00
Brady Wetherington e15f2ac8ab Support \r-terminated files better from the Importer (#5184)
* Hoist the ini_get/ini_set auto-detect line endings code higher

* Placate the irascible Codacy
2018-03-13 20:06:53 -07:00
snipe 1e22b8e567 Fixed #5138 - added default_label flag to status labels 2018-03-05 22:04:16 -08:00
snipe a5c6ddb8ac Change gate for updating assets via the API to edit 2018-03-05 21:27:17 -08:00
snipe 36cd63836e Fixed #5151 - added asset tag to maintenances 2018-03-05 16:26:40 -08:00
snipe f7784b6543 Fixed #2402 - add ability to restore manufacturers 2018-03-03 18:46:19 -08:00
fordster78 4e0c8e218d New Test Notification (#5137)
Created Test Notification.
Updated Vendor Mail message.blade files.
Updated api settings controller to use Notification Façade.
2018-03-02 18:01:20 -08:00
snipe b4f704d7f1 Fixed 2FA reset button 2018-02-26 15:43:49 -08:00
Daniel Meltzer 9ee2c6be57 Api tests2 (#5098)
* Cleanup

* API tests for asset models and related cleanup/improvements

* Api license test.  Tests incomplete because create/update/destroy are not implemented yet in the controller

* API Category tests.

* Manufacturers API Test.

* Implement License Create/Update/Delete Methods for API and enable test.

* Add missing gate for api.  Fixes only superadmins being able to generate Personal Access Toekns
2018-02-25 12:10:02 -08:00
Daniel Meltzer 7de8f71f58 Api tests (#5096)
* Use the formated date helper to clean up verifications.

* Add Checkin/Checkout api tests.

* Accessories api test

* Add Companies API Test.

* Return ModelNotFound as a 404.

* Cleanups/simplficiations/updates.

* Locations api test.

* currency and image should be fillable on location.

* Update components api test.

* Use findOrFail so we return a 404 instead of a 200.  Matches other item types.

* order_number should be fillable in component.

* Add updated_at and permissions to information returned from api for a user.

* Add users test and flesh out factory and fillable fields.

* Add test for assets method

* API status label test.

* Disable php7.2 for now on travis until the count(null) issues are remedied

* Add serial to update.

* API model not found should return a 200
2018-02-24 19:01:34 -08:00
snipe b6a75093b7 Removed duplicate location_id assignment 2018-02-24 14:06:10 -08:00
snipe e3144c3093 Added Slack test button 2018-02-22 16:35:34 -08:00
snipe 9c1fe2c922 Reverting previous change - qty already existed in allowed columns. Derp. 2018-02-21 16:46:37 -08:00
snipe 006b2b18b0 Added qty to sorting 2018-02-21 16:21:31 -08:00
snipe f5e51897e3 Added - sort by color on status labels 2018-02-21 05:29:50 -08:00
snipe 698ea36cc2 Added - Order location by manager 2018-02-21 05:09:40 -08:00
snipe 0cf9cdd3b1 Make department columns sortable 2018-02-21 05:04:20 -08:00
snipe 0d7a43ab38 Fixed orderby parent location name 2018-02-21 02:17:18 -08:00
snipe 3744a68daf
Features/better table options (#5018)
* Added CSS for table toolbar

* Use maintenances API for table listings

* NIcer layout for allowed_columns in maintenances API

* Fixed #5014 - bootstrap cookie issues

* Fixed #5015 - bug when saving settings

* Refactored datatable code to use data attributes

* Updated dashboard with new table code

* Added - Order by group user count

* Updated groups to use new table attributes

* New license listing table code

* More bootstrap table implementations

* More BS table refactoring

* Improved bootstrap assigned assets

* New bootstrap for reports

* Misc BS fixes

* FIxed small issue with asset history display

* Removed multisort option

* JS refactor
2018-02-16 13:22:55 -08:00
snipe f144d671ff Fixed #4988 - incorrect variable name in asset checkout API method 2018-02-12 19:13:33 -08:00
snipe b3a6ec2804 Fixed #4938 - default sort order 2018-02-01 17:17:56 -06:00
snipe d2587337e4 Fixed #4952 - ignore show_archived setting when drilling down into specific ID 2018-02-01 16:31:32 -06:00
snipe 1d04897b32 Order by default location 2018-01-24 14:27:12 -08:00
snipe 60c38a0c47 Added setting to choose what appears in model select list - Fixes #4879 2018-01-24 10:43:46 -08:00
snipe fefd6d60f6 Fixed #4899 - sorting in user history 2018-01-24 04:48:00 -08:00
snipe f1bbdc9e59 Revert PR #4845 2018-01-24 03:32:45 -08:00
vcordes79 0fb8dc3418 check if user is allowed to view assets (#4845) 2018-01-23 18:10:05 -08:00
vcordes79 7b596c750d API for (dis)associating fields with fieldsets (#4881)
* start work on fields in fieldset api

* revert CustomFieldsetsController

* fieldset associate / disassociate api

* fix variable names and payload

* fix variable name
2018-01-22 13:14:04 -08:00
snipe e6f70f2ab7 Fixed #4821 - add username to user selection dropdown 2018-01-19 23:47:37 -08:00
snipe 2a959edeba Added - Setting to allow archived assets in List All 2018-01-17 19:18:48 -08:00
snipe d920d91786 Fixed #4593 - do not require model_id to update asset custom fields via API 2018-01-17 13:12:32 -08:00
vcordes79 94cf1f8741 Fixes #4829 - add fields api (#4840)
* add fields api

* change route names
2018-01-17 05:31:57 -08:00
snipe 68f1fa0340 Added - ability to sort by asset count in models 2018-01-11 15:21:51 -08:00
snipe 9293f17707 Moved search scope lower to fix weird (possible Laravel) bug w/prepared statements 2018-01-11 15:17:34 -08:00
snipe 3b4a651dd9 Allow counts in mfg sorting 2018-01-11 15:16:23 -08:00
snipe e3d7be23cb Added new seats controller method 2018-01-10 18:47:57 -08:00
snipe e6259eb6e1 Fixed #4774 - show assets assigned to assets in asset view
Todo: Fix text search on the asset to asset tab. It’s currently broken so I’ve disabled it.
2018-01-10 05:44:11 -08:00
snipe 5587b64d64 Fixed #4770 - broken licenses, etc on company view, added users and components 2018-01-10 03:52:21 -08:00
Brandon Daniel Bailey f786e07179 Allow auto increment through the API (#4690)
* Allow auto incrementing asset_id from the API when the setting is enabled

* Cleaned up the if else statement

* Added prefix to the orWhereRaw which causes a database error if the configuration uses a prefix

* Auto incrementing through the API
2018-01-03 17:24:32 -08:00
snipe c3a44f25fd Fixed #4663 - duplicate manufacturer name in selectlist 2017-12-20 12:32:55 -08:00
snipe 7a8c8233a2 Fixes #4639 2017-12-15 18:54:38 -08:00
snipe f1a911d305 Fixed ambiguous query on non-super admins with FCS 2017-12-12 21:14:12 -08:00
snipe 1ef44721f5 Improved - disallow delete if not elgible in UI 2017-12-12 07:03:31 -08:00
snipe 4ce91a4f5d Fixed namespace gate for components - related to #4282 2017-12-12 06:26:37 -08:00
snipe c816870083 De-norm last audit date so we can display it in the asset listing 2017-12-12 03:03:43 -08:00
snipe 5b00a8ae33 Use specific company_id column name in user search 2017-12-11 22:50:55 -08:00
snipe fdaa279930 Fixed #4548 - add cateory to model dropdown 2017-12-04 20:19:30 -08:00
snipe ec4bed436c Fixed #4565 - show manufacturer in models selectlist 2017-12-04 19:52:18 -08:00
snipe 305b0d8edb Fixed #4522 - properly check for valid target, throw error otherwise 2017-11-27 21:17:58 -08:00
snipe 05996019e5 Use asset checkout request in API 2017-11-27 21:17:16 -08:00
snipe 6f3a90c48b Check that the assigned data is valid 2017-11-22 15:07:34 -08:00
snipe 22fdd05314 Add UTF charset 2017-11-21 22:34:07 -08:00
snipe 0adebd1ec8 Add sorting and additional category types to dashboard categories
BREAKING CHANGE: Category type now reports as `category_type`, instead of `type`
2017-11-21 20:33:30 -08:00
snipe 7321c5937f Fixed #4440 - allow username search in asset dropdown 2017-11-16 16:49:16 -08:00
snipe ce525c1985 Fixed #4471 - removed gate for categories selectlist 2017-11-16 13:48:38 -08:00
snipe ba38b841cb Constrain accessory by category ID if one is passed 2017-11-14 16:47:21 -08:00
snipe 498fc3762d Fixed #4437 - pagination for maintenances 2017-11-14 01:32:25 -08:00
snipe 7eef1b4bcf Fixed #4418 - order models by name asc in selectlist 2017-11-10 15:56:14 -08:00
snipe 6852b74317 Removed gates from selectlist method 2017-11-09 10:51:55 -08:00
snipe 74773ac912 Fixed incorrect policy reference in consumables listing 2017-11-07 23:05:29 -08:00
snipe 9764d2ad24 Removed commented code 2017-11-07 22:25:32 -08:00
snipe d7f8615964 Fixed query for location ID 2017-11-03 20:10:36 -07:00
snipe cc7be5f947 Added location to checkout in API 2017-11-03 19:42:45 -07:00
snipe 3a52c19428 Updated fieldname in Locations transformer and API 2017-11-03 19:40:40 -07:00
snipe b3b8ab493e Switch to the reply_to address 2017-11-03 14:58:49 -07:00
snipe 6fb0ef908d Fixed issue sorting when viewing users by department 2017-11-03 14:29:04 -07:00
snipe 85360a7c7f Removed gates on selectlists
They can’t access the API directly unless they have been granted API accesses anyway
2017-11-03 13:03:57 -07:00
snipe 416455fe01 Fixes weird manager_id validation
This is a shit fix - need to find out what’s happening here.
2017-11-03 12:48:00 -07:00
snipe 3ecaa99990 Fixed only undeployed assets in checkout to list 2017-11-03 11:33:36 -07:00
snipe 53175d5035 Fixed sorting issue on company/manufacturer/supplier 2017-11-02 20:01:39 -07:00