* Changed the ability name from 'edit' to 'update'. Changed the order of execution: first checks if the manufacturer exists, then checks permissions
* Handles the update method, that also has the ability parameter as edit instead of update"
q
* Revert "Handles the update method, that also has the ability parameter as edit instead of update""
This reverts commit d7dc0e451e.
* Handles the update method, that also has the ability parameter as 'edit' instead of 'update'
* Fixes search by serial or tag even if they have slashes in them
* Added support for url param byTag and bySerial
* Fixed typo comments
* Sojme additional comments to clarify use-cases
* Updated comments for clarity
* Use correct Request include
* Updated to use additional form request
* Added SVG sanitizer
* Added response method to form request
* Allow ImageUploadRequest to accept fieldname params, added SVG sanitization, fixed delete
* Fixed upload path for avatars
* Added fieldname variable to blade partial for image upload
* Added enctype="multipart/form-data" to form to allow uploads
* Added image field
* Updated Request::old() to use $request->old()
* Fixed derp in edit blade referring to $item when it should be $user
* Added svg+xml to image rule
I'm going ahead and merging this, since the upgrade doesn't break Flysystem any worse than the current develop is broken, so far as I can tell.
* Upgraded framework to Laravel 6
### TO DO:
- Fix password restriction rules- the old library isn’t compatible with Laravel 6 :(
- Figure out why in-app API calls are returning “Unauthorized”
* More updates from Input:: to Request:: helper
* Switch to Request:: from Input
* Added passport config
* Fixed goofy password minimum in seeder
* Added laravel/helpers
* Changed ($item) to ($item->id) in forms
I have no idea why this is necessary
* Changed ($item) to ($item->id) in forms
* Updated API middleware to auth:api
* Updated with added laravel auth.php values
* FIxed *&!^$%^&$^%!!!! ajax issue
* Switch to Request::get from Input::get
* Switched to Request facade
* Added password security minimums back in
The package we were using has not been updated to Laravel v6, so I created custom validators instead
* Added language strings for error messages for password rules
* Fixed `($item)` issue in formActions for partials
* Add a setting to show assets assigned to other assets #6489
* Update user's views to show assets assigned to other assets #6489
* Add ukrainian and russian translation for the feature #6489 in settings
* Added enshrined/svg-sanitize
* Added modular image resizing/SVG cleaning method
(This already exists in v5, so I mostly ported it forward and added the SVG sanitizer.)
* Use improved handleImages method to upload/resize/clean images
* Removed $old_image
This is handled in the ImageUpload request now
* Set theme jekyll-theme-hacker
* fixed commenty about scopebyDeprecationID being identified as a method to location ID
* fixed commenty about scopebyDeprecationID being identified as a method to location ID
* Adding Dept to license seats
* Added query scope to order by department
* Make license seat department sortable
* Disable license seat internal search - this never actually worked
* Rename child locations method
* Use Ajax dropdown for locations selectlist for edit/create
* Removed locations database call on edit/create blades for faster loading
* Updated locations controller to use the new iterator
* Increase pagination on locations controller to 500
We’re already loading all of that data up beforehand anyway, so no point in keeping the query smaller.
* Fixed the else to make codacy happy
* Improve the design and performance of the nested location selectlist (#7484)
* Improve the design and performance of the nested location selectlist
* Fixed parse errors
* Removed debugging code/comments
* Implement #3088: Add "Generate Label" option to "Actions" dropdown menu in individual Asset Details view.
* Add conditional for including the asset number in the URL of the barcode image.
* Change case of variables to pass Codacy PR review standards.
* Fixes#6204 - added email alerts and web/API access to assets due for audits (#6992)
* Added upcoming audit report
TODO: Fid diff/threshold math
* Added route to list overdue / upcoming assets via API
* Controller/API methods for due/overdue audits
We could probably skip this and just handle it via view in the routes…
* Added query scopes for due and overdue audits
* Added audit due console command to kernel
* Added ability to pass audit specs to main API asset search method
* Added audit presenter
* Added bootstrap-tables presenter formatter to display an audit button
* Added gated sidenav items to left nav
* Added audit due/overdue blades
* Cleanup on audit due/overdue console command
* Added language strings for audit views
* Fixed :threshold placeholder
* Removed unused setting variable
* Fixed next audit date math
* Added scope for both overdue and upcoming
* Derp. Wrong version
* Bumped version
(I will release this version officially tomorrow)
* Leave the activated state for users alone in normal LDAP synchronisation. (#6988)
* Fixed#7003 - crash when warranty months or purchase date is null
* Fixed#6956 - viewKeys policy inconsistent (#7009)
* Fixed#6956 - Added additional gates show showing/hiding license keys
* Modified gate to allow user to see licenses if they can create or edit the license as well
* Added API middleware to API routes to enable throttling
TODO: Figure out how to make this costumizable without touching the code
* Import locations from CSV via command line (#7021)
* Added import locations command
* Small fixes to location importer
* Added country, LDAP OU
* Cleaned up comments, added more clarification to what the script does
* Added ability to update groups via API
Fixes [ch9139]
* Bumped version
* Fixed#6883 - remove escaping of fields on LDAP import
* Fixed#6880 - correctly encrypt encrypted fields via the API
* Fixes#5054: LDAP users deactivated for none-ad (#7032)
When using none-AD ldap, users are automatically deactivated every LDAP
sync. This commit changes the behaviour so that if the active flag isn't set,
the users are enabled.
Fixed#5054, at least for 4.X
* Updated packages
- Updating erusev/parsedown (v1.7.2 => 1.7.3): Downloading (100%)
- Updating squizlabs/php_codesniffer (3.4.1 => 3.4.2): Downloading (100%)
- Updating symfony/polyfill-mbstring (v1.10.0 => v1.11.0): Downloading (100%)
- Updating symfony/var-dumper (v3.4.23 => v3.4.27): Downloading (100%)
- Updating league/flysystem (1.0.50 => 1.0.51): Downloading (100%)
- Updating symfony/translation (v3.4.23 => v3.4.27): Downloading (100%)
- Updating nesbot/carbon (1.36.2 => 1.37.1): Downloading (100%)
- Updating symfony/debug (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/console (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/finder (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/polyfill-ctype (v1.10.0 => v1.11.0): Downloading (100%)
- Updating symfony/polyfill-php70 (v1.10.0 => v1.11.0): Downloading (100%)
- Updating symfony/http-foundation (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/event-dispatcher (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/http-kernel (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/process (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/routing (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/polyfill-util (v1.10.0 => v1.11.0): Downloading (100%)
- Updating symfony/polyfill-php56 (v1.10.0 => v1.11.0): Downloading (100%)
- Updating symfony/psr-http-message-bridge (v1.1.1 => v1.1.2): Downloading (failed)
Downloading (100%)
- Updating rollbar/rollbar (v1.7.5 => v1.8.1): Downloading (100%)
- Updating symfony/yaml (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/browser-kit (v3.4.23 => v3.4.27): Downloading (100%)
* Fixed#7044 - API update deleted custom fields if they are not re-presented
* Fixed XSS vulnerability when creating a new categories, etc via modal on create
Same fix as before, because of the weird select2 post-parsing ajax behavior
* Updated email strings
* Fixed#7046 - added user website url back into UI
* Updated language strings
* Bumped version
* Updated packages
* New backups config for spatie
* Removed debugbar service provider (autodiscovery)
* Use laravel v5.5 withCount manual aliases
* Added spatie language files
* Removed old laravel backups config
This config file was renamed in a newer version of spatie laravel-backup
* Set the serialization
* Added the command loader to console kernel
* Renamed fire() to handle()
* Updated withCount to use manual naming
* Updated backup path in backup admin
* Updated travis with new php versions
* Bumped laravel version in readme
* Fixed custom field edit screen
* Fixed baseUrl is undefined error
I literally cannot figure out how this ever worked before.
* Fix for included files in backup
* Bumped version
* Switch has() to filled()
* Change ->has() to ->filled()
* Removed cosole log
* Bumped packages
* Use getReader instead of fetchAssoc for CSV parser
https://csv.thephpleague.com/9.0/upgrading/
* Handle JSON validation errors like 5.4
* Handle JSON validation errors like 5.4
* Handle JSON validation errors like 5.4
* Trying to fix ajax asset validation
This I think gets us closer, but still not handling the validation on the asset properly.
When I do a print_r of the validation in the other items, its looking for an error bag that looks something like this:
```
Illuminate\Support\MessageBag Object
(
[messages:protected] => Array
(
[name] => Array
(
[0] => The name field is required.
)
[seats] => Array
(
[0] => The seats field is required.
)
[category_id] => Array
(
[0] => The category id field is required.
)
)
[format:protected] => :message
)
```
Currently the Assets ajax returns:
```
[2019-05-24 06:52:06] develop.ERROR: array (
'messages' =>
array (
'model_id' =>
array (
0 => 'The model id field is required.',
),
'status_id' =>
array (
0 => 'The status id field is required.',
),
'asset_tag' =>
array (
0 => 'The asset tag field is required.',
),
),
)
```
So not sure why it’s not working.
* Fixed missing asset validation
* Check that a model exists before trying to fiddle with fieldsets
* Tidied up license check
* Removed extra escaping on checkin
* Updated importer to work with newer CSV Reader::getRecords() method
* Fixed field mapping
* Small fix for reordering fields
Fixes Illuminate\Database\QueryException: SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'order' cannot be null (SQL: insert into `custom_field_custom_fieldset` (`custom_field_id`, `custom_fieldset_id`, `order`, `required`) values (12, 7, , 0)) [ch1151]
This needs revisiting for a more solid fix, especially for data that was already entered bad.
* Fixed bug where sorting by company name in Users API did not work
Fixes [ch9200]
* Removed custom fields from AssignedSearch to prevent confusing data in selectlist
Fixes [ch9193]
* Removed alert-danger from tests
* Fixed missed consumables_count withCount() statement
* Fixed Undefined variable user in $backto if checked out to a non-user
Fixes [ch9194]
* Check for valid model before attempting to access fieldsets
Fixes [ch1249]
* Only build the log upload destination path if there is a matching record
Fixes [ch1232]
* Fixed free_seats_count variable name
(I forgot that Laravel switched camel case to snake case for their old 5.4 withCount variables)
* Only gtry to delete the file if a record is found in the log
* Only try to get fieldset if model is valid
* Fixed more camel-casing -> snake-casing
* Only display the file if the log record can be found
* Fixed casing in sync command
* Updated README
* Derp - typo
* Added link to Atlassian plugin
* More Atlassian clarifications
* Show accessory image on view page
* Increased image size to 800px, added lightboxes
* Fixed#7083 - Removed user_exists constraint on department save
If the user has been deleted, this prevented the department from being successfully saved on edit
* Updated branch in version file
* Dockerfile update to bring us up to php v7.1 for Laravel 5.5 (#7084)
* bump up to php7.1
& change deprecated MAINTAINER to a LABEL so it is visible with `docker inspect`
* AND modapache ><
* 2 updates required to get software-properties+ppa
* Bumped version
* Bumped release again :(
* Missed one
* Fixed#7098 - updated backup config for deleteFile() method
* Fixed#7092 - handle weird port forwarding/port numbers for baseUrl
* Bumped version
* Fixed#7099 - set email to null by default for backup notifications
* Removed old comments
* Fixed#7100 - Check if $user isset on checkin
* Increased throttle to 120 requests per minute
* Added Filipino, corrected order for Spanish variations
* Update language strings
* Bumped hash
* Changed has to filled to fix bulk asset editing
* Bumped point version
* Small fixes for phpleague CSB reader v9
* Improved error checking in locations importer
* Fixed#7145 - rename groups table to permissions_group for mysql 8 reserved word compatibility
* Reduce minimum group name length to 2 (from 3)
eg: IT
* Back in time fix FOR #7145 for new installs on MySQL 8+
* Fixed permission insert
//TODO
Handle this via model
* Possible fix for reporting/admin migration back in time
* Fixed#7164 - change table name to permission_groups
* Fixed LDAP password blanking on save
* fixing previous commit's actual wiping of password (#7183)
replaced Input::fille('ldap_pword') with _filled_. Should be good to go.
https://github.com/snipe/snipe-it/issues/7179https://github.com/snipe/snipe-it/issues/7169
* Bumped version
* Downgrading rollbar for Laravel 5.5
* Spelling Correction (#7206)
Fixed Spelling for the word reqrite, to be rewrite.
* Fix#6910: Add logic to manipulate the eloquent query. (#7006)
* Added company_id to consumables_users table
* Added logic to manage when a pivot table doesn't have the column company_id trough a join with users
* Remove a migration that tries to fix this problem, but is not longer necessary
* Addresses #7238 - add PWA code to layout
Needs additional UX testing
* Better log message for bad LDAP connection
* Fixed#7186 - has vs filled in User’s API blanking out groups if no group_ids are passed
* Comment clarification on #7186
* Check for valid seat on hardware view
* Added space between footer and custom message
* Cap warranty months to three characters
Filles rollbar 209
* Cap warranty months to 3 on the frontend blade
* Fixed countable() strings on user destroy
* Check that the user has assets and that the aset model is valid
* Bumped hash
* Caps asset warranty to 20 years
* Command to fix custom field unicode conversion differences between PHP versions (#7263)
* Fixes#7252 form request changes (#7272)
* Fixes for #7252 - custom fields not validating / no validaton messages in API w/form requests
* Removed debug info
* More fixes for #7252
This is mostly working as intended, if not yet the way Laravel wants us to do it.
Right now, the API returns correctly, and the form UI will return highlighted errors, with the input filled in ~sometimes~. I’m not sure why it’s only sometimes yet, but this is potentially progress.
* Removed experimental method
* Check for digits_between:0,240 for warranty
* Removed debug code
* Apply fix from PR #7273 to master
* Bumped hash
* Fixed#7250 - permission issue for API fieldsets and fields endpoints
This applies the change from #7294 to master
* Add @mskrip as a contributor
* Fixed#7270 - Checking-in Assets via API Removes the Item's Asset Name
* CORS for api (#7292)
* Added CORS support to API
* Changed order so CORS will still work if throttle hit
* Added APP_CORS_ALLOWED_ORIGINS env option
* Fixed typo
* Clarified header comments
* More clarification
* DIsable CORS allowed origins by default to replicate existing behavior
* Change variable name to be clearer
* Bumped version
* Added condition to deal with fieldname 'rtd_location' which can be tried to be queried in some places and doesn't exist in database (#7317)
* Added comments to the ByFilter query scope for clarity
* Added accessories checkout/checkin API endpoint
* Fixed CVE-2019-10742
https://nvd.nist.gov/vuln/detail/CVE-2019-10742
* Update README.md (#7334)
Add reference to CSV importer.
* Group related variables in .env
* History importer fixes
* Fixes to history importer
* Added CORS support to API
* Changed order so CORS will still work if throttle hit
* Added APP_CORS_ALLOWED_ORIGINS env option
* Fixed typo
* Clarified header comments
* More clarification
* DIsable CORS allowed origins by default to replicate existing behavior
* Change variable name to be clearer
* Fixes for #7252 - custom fields not validating / no validaton messages in API w/form requests
* Removed debug info
* More fixes for #7252
This is mostly working as intended, if not yet the way Laravel wants us to do it.
Right now, the API returns correctly, and the form UI will return highlighted errors, with the input filled in ~sometimes~. I’m not sure why it’s only sometimes yet, but this is potentially progress.
* Removed experimental method
* Check for digits_between:0,240 for warranty
* Removed debug code
* Added propper routes to the controller
* Logic to handle the not setted ->audit_warning_days variable
* Change the variable name for more clarity
* Got rid of the unnecesary if sentence in sake of brevity
* Adding the null coalesce operator so it can properly handle when the setting is null
* Added company_id to consumables_users table
* Added logic to manage when a pivot table doesn't have the column company_id trough a join with users
* Remove a migration that tries to fix this problem, but is not longer necessary
Fixes Illuminate\Database\QueryException: SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'order' cannot be null (SQL: insert into `custom_field_custom_fieldset` (`custom_field_id`, `custom_fieldset_id`, `order`, `required`) values (12, 7, , 0)) [ch1151]
This needs revisiting for a more solid fix, especially for data that was already entered bad.
This I think gets us closer, but still not handling the validation on the asset properly.
When I do a print_r of the validation in the other items, its looking for an error bag that looks something like this:
```
Illuminate\Support\MessageBag Object
(
[messages:protected] => Array
(
[name] => Array
(
[0] => The name field is required.
)
[seats] => Array
(
[0] => The seats field is required.
)
[category_id] => Array
(
[0] => The category id field is required.
)
)
[format:protected] => :message
)
```
Currently the Assets ajax returns:
```
[2019-05-24 06:52:06] develop.ERROR: array (
'messages' =>
array (
'model_id' =>
array (
0 => 'The model id field is required.',
),
'status_id' =>
array (
0 => 'The status id field is required.',
),
'asset_tag' =>
array (
0 => 'The asset tag field is required.',
),
),
)
```
So not sure why it’s not working.
When using none-AD ldap, users are automatically deactivated every LDAP
sync. This commit changes the behaviour so that if the active flag isn't set,
the users are enabled.
Fixed#5054, at least for 4.X
* Added import locations command
* Small fixes to location importer
* Added country, LDAP OU
* Cleaned up comments, added more clarification to what the script does
* Fixed#6956 - Added additional gates show showing/hiding license keys
* Modified gate to allow user to see licenses if they can create or edit the license as well
* Added upcoming audit report
TODO: Fid diff/threshold math
* Added route to list overdue / upcoming assets via API
* Controller/API methods for due/overdue audits
We could probably skip this and just handle it via view in the routes…
* Added query scopes for due and overdue audits
* Added audit due console command to kernel
* Added ability to pass audit specs to main API asset search method
* Added audit presenter
* Added bootstrap-tables presenter formatter to display an audit button
* Added gated sidenav items to left nav
* Added audit due/overdue blades
* Cleanup on audit due/overdue console command
* Added language strings for audit views
* Fixed :threshold placeholder
* Removed unused setting variable
* Fixed next audit date math
* Added scope for both overdue and upcoming
* Derp. Wrong version
* Bumped version
(I will release this version officially tomorrow)
* Properly escape log_meta values
* Vue syntax fix to allow npm run dev to work again
* Janky fix for Select2 bug
* Compiled production assets
* Escape user’s last name in API
* Removed duplicate alertClass
* Compiled production assets
* Fixed#6821 - confusing UI for 2FA when 2FA is universally enforced
I also updated the language in the user’s listing table to clarify what “activated” means
* Added login enabled info to user view
* Clarified comments
* Added info about 2FA on user profile
Because why not
* Added nowrap to table, and added 2FA reset for superadmins
* Check for empty headers in import
* Added import permission
* Fixed model path in docblock
* Added import gate to default blade
* Check if the user is an admin OR idf they have import permissions
* Walked back that admin permission
Since admins are bound by full company support, it makes less sense to let admins have this permission by default, versus having them specifically designated to the import permission
* Added validation for errors when the Import Field to map isn't setted
* A slightly correction to the error message
* Added the translation strings for the Error Message
* To see checkin/checkout Date in History of Asset
* Added some logic to get today's date if the checkin_at input is blank
* Updating the action_date taking the value from the action_log table
* Hide created_at field and rename 'Action Date' as only 'Date'
* Fix auto-increment not updating
This is due to the addition of caching for settings. If we're not
explicitly saving the Settings model, then the cache isn't getting
updated, causing the asset tag auto-increment to get an old cached
version with the wrong number
* Move Setting cache clear to an observer
* Change upload js to work with multiple upload elements on a single page
* Change uploadFile in upload modal and form partial
* Change uploadFile to js-uploadFile to avoid potential issues in the future
* Remove duplicate style attribute causing webpack to fail
* Missed a css class in rename to js- prefix
* - Move logo uploads to partial for eaiser usage
- Add label logo
- Add css classes to label elements
- Change label prefix text (M: S: ...) to css::before content for easy removal in config
* Add more css classes to labels
* Allow unescaped " (quot) in css ouput
* Add max size param to partial, set defaults for allowedType and size
add accessories and consumables tables
add selectlist api to:
app\Http\Controllers\Api\AccessoriesController.php
app\Http\Controllers\Api\ConsumablesController.php
app\Http\Controllers\Api\LicensesController.php
templates for selectlist
apply kit to user works
* Fixed#6703 - fixes password confirmation
* Removed debugging
* Fixed tests
* I guess we use 10 as the settings for password min in tests
* One more try to fix tests - confirmation won’t validate until password validates
This bug was a result of attempting to check if the groups field had a value, and only THEN trying to sync the groups. This meant that uf you were removing ALL groups, the sync wouldn’t be triggered.
This still needs to be updated in the API.
Need to confirm that re-enabling `\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,` won’t mangle anything. I know we ran into some issues when testing a long time ago, but not sure those issues apply anymore, and I can’t remember what they were.
* Starting work on asset history importer.
* Starting work on asset history importer.
* Added checkin target.
* Last change... importing history should also probably be an admin only task.
* Added caching for user and asset queries.
* Updated cache keepalive time to DateTimeInterface
* Updated cache keepalive time to DateTimeInterface
* Cannot log in with generated password from [ch37]
* Cannot log in with generated password from [ch37]. Light cleanup
* Added the fetchHumanBoolean() method.
* Cleaning up the ternary
Add refresh licenses, accessories and consumables tables refresh when add a new element resources\assets\js\snipeit_modals.js
Some design fixes resources\views\kits\edit.blade.php
Add default value to form (template) resources\views\modals\kit-model.blade.php
New routes for kit accessories and kit consumables routes\api.php
New routes for kit models, kit accessories and kit consumables routes\web\kits.php
New templates
* misc_ldap_fixes: Map location from OU, not group
* misc_ldap_fixes: Ensure ldap is initialised for import
* misc_ldap_fixes: Import Job Title
* misc_ldap_fixes: Import telephone, fix field select from schema
* misc_ldap_fixes: Cleanup login error-handling, fix boolean tests
* Fix an issue when trying to checkin a license seat.
* Minor changes in the checkin view, so it can returns to the expected place where the checkin is launched.
* - change generatePassword to be more secure (allow duplicate chars)
- move generatePassword from trait to helper
- fix summary output for sync command
* - Don't treat ldap_active_flag as boolean - fixes sync not working at all when ldap field is set
- Sync non activated users (But set activated=0)
* - Read user first before checking against user settings
* Fix failed logins to not throw exceptions
* Update Ldap.php
* Update Ldap.php
* Update Ldap.php
* Update Ldap.php
* Update Ldap.php
Updating LDAP.php such that the admin bind will ONLY occur if the user attempting auth cannot bind. If that is the case, it will attempt to bind as admin and search for that user, prior to failing.
The previous commit made it such that remote user login could only
be enabled if two factor authentication was also enabled. Unnest
the configuration so that the setting can be applied without.
* Add iCheck png files to webpack config (inconsistency for css <> png) and blue.png to public folder
* php 7.3 collect() fix (undefined variable)
* Fix travis ci
* Add iCheck png files to webpack config (inconsistency for css <> png) and blue.png to public folder
* php 7.3 collect() fix (undefined variable)
* change LDAP implementation from model to (singleton) service
* Re-apply check for content in ldap_server variable before parsing
* Update LDAP implementation
* Switch iCheck to minimal as referenced in js
* Don't init on load but on first access via init (returns ldap enabled status)
* Re-Enable notifications
* Re-add missing test target php versions
* Only init() once (singleton class, so ldap variable is already set)
* Fixed missing oauth tables during setup.
* Custom fields of type "CUSTOM REGEX" are always saved as "ANY"
Fixes#5896
* Updated per PR
Fixed spelling
* Fixed logic error
Moved conditional code from view to controller
Added getFromatType function for dropdown
* Fixed missing oauth tables during setup.
* WIP New LDAP implementation
* WIP New LDAP implementation
* WIP New LDAP implementation
Merge remote-tracking branch 'origin/WIP_LDAP' into WIP_LDAP
* WIP New LDAP implementation
Added Adldap2 to handle ldap intergration.
* Updated per PR quality review
* Added specific LDAP settings method
* Corrected version number
* Added return documentation
* Added imports
* Changed class to be injected into controller
* Updated with PR suggestions
* Fixed missing oauth tables during setup.
* Merge remote-tracking branch 'snipe-it-upstream/develop' into develop
* Merge remote-tracking branch 'snipe-it-upstream/develop' into develop
Merge remote-tracking branch 'origin/develop' into develop
* Fixed error during setup when settings table is not present
* Switch to use username instead of email
* Fixed indenting
* Updated password language
* Updated blades to reflect username instead of email
* Changed password/reset controllers to use username instead of email
* Redirect to login page instead of repeating the password reset form
* Another 'or' caught in a blade template
* Added the requireAcceptance() method in LicenseSeat.php. Changed the permission in checkout-license mail to view.
* Getting right the permission in the view checkout-license
The class was missing as a result that the composer was unable to update and the site returned a 500 error
```
$ composer update
Loading composer repositories with package information
Installing dependencies (including require-dev) from lock file
Nothing to install or update
Package guzzle/guzzle is abandoned, you should avoid using it. Use guzzlehttp/guzzle instead.
Generating optimized autoload files
> Illuminate\Foundation\ComposerScripts::postAutoloadDump
> @php artisan package:discover
In Asset.php line 30:
Declaration of App\Models\Asset::save($params = Array) should be compatible
with Illuminate\Database\Eloquent\Model::save(array $options = Array)
Script @php artisan package:discover handling the post-autoload-dump event returned with error code 1
```
* Added AWS url to example env
* Upgrader - added check for new storage path and attempt to move
* Ignore symlink
* Updated paths for models
* Moved copy methods
* Added AWS_URL support
For some reasin, Flysystem was generating the wrong AWS url (with a region included)
* Switch to Flysystem for image uploads
* Nicer display of image preview
* Updated image preview on edit blades to use Flysystem
* Twiddled some more paths
* Working filesystems config
* Updated Asset Models and Departments to use Flysystem
* Janky workaround for differing S3/local urls/paths
* Try to smartly use S3 as public disk if S3 is configured
* Use public disk Storage options for public files
* Additional transformer edits for Flysystem
* Removed debugging
* Added missing use Storage directive
* Updated seeders to use Flysystem
* Default logo
* Set a default width
We can potentially override this in settings later
* Use Flysystem for logo upload
* Update downloadFile to use Flysystem
* Updated AssetFilesController to use Flysystem
* Updated acceptance signatures to use Flysystem
* Updated signature view to use Flysystem
This isn’t working 100% yet
* Use Flysystem facade for displaying asset image
* Set assets path
Should clean all these up when we’re done here
* Added Rackspace support for Flysystem
* Added Flysystem migrator console command
* Added use Storage directive for categories
* Added user avatars to Flysystem
* Added profile avatar to Flysystem
* Added the option to delete local files with the migrator
* Added a check to prevent people from trying to move from local to local
* Fixed the selectlists for Flysystem
* Fixed the getImageUrl method to reflect Flysystem
* Fixed AWS copy process
* Fixed models path
* More selectlist updates for Flysystem
* Updated example .envs with updated env variable names
* *sigh*
* Updated non-asset getImageUrl() methods to use Flysystem
* Removed S3 hardcoding
* Use Flysystem in email headers
* Fixed typo
* Removed camera support from asset file upload
We’ll find a way to add this in later (and add that support to all of the other image uploads as well)
* Fixed path for categories
* WIP - Switched to standard handleImages for asset upload.
This is currently broken as I refact the handleImages method. Because the assets store/create methods use their own Form Request, the handleImages method doesn’t exist in that Form Request so it wil error now.
* Fixed css URL error
* Updated Debugbar to latest version (#6265)
v3.2 adds support for Laravel 5.7
* Fixed: Missing CSS file in basic.blade.php (#6264)
* Fixed missing CSS file in basic.blade.php
* Added
* Changed stylesheet import for authorize.blade.php
* Updated composer lock
* Added AWS_BUCKET_ROOT as env variable
* Use nicer image preview for logo upload
* Removed AssetRequest form request
* Removed asset form request, moved custom field validation into model
* Added additional help text for logo upload
* Increased the size of the image resize - should make this a setting tho
* Few more formatting tweaks to logo section of branding blade preview
* Use Flysystem for asset/license file uploads
* Use Flysystem for removing images from models that have been deleted
* Enable backups to use Flysystem
This only handles part of the problem. This just makes it so we can ship files to S3 if we want, but does not account for how we backup files that are hosted on S3
* Use Flysystem to download license files
* Updated audits to use Flysystem
When a user has no permissions set (=NULL) in the database (like after an
LDAP import) but is a member of a group with permissions, those group
permissions would not have be applied, effectively denying every access
regardless of group permissions.
* Search functionality in accessories/{accessory} issue #5471:
From the collection of users displayed just filtered the data with the method where() and concat()
for the user can search for first name or last name. The solution is case sensitive.
* A better fix to issue #5471. Now using the established relationship to querying for the users. Also Case-insensitive.
* Fixed previous commit that has magic number in the find method parameter of AccessoriesController.
This was causing the error: Undefined index: App\Models\CustomField (View: /Users/snipe/Sites/snipe-it/snipe-it/resources/views/hardware/index.blade.php)
and pointed to the Eloquent model library method:
```
protected function initializeTraits()
{
foreach (static::$traitInitializers[static::class] as $method) {
$this->{$method}();
}
}
```
Thanks to https://github.com/laravel/framework/issues/25455 for the clue.
From the collection of users displayed just filtered the data with the method where() and concat()
for the user can search for first name or last name. The solution is case sensitive.
* Added Freebsd as vagrant machine for development
* Ran npm audit fix
Manually added peer depenencies
* Added charset=UTF-8 to content-type
Removed reference to throttle model as is is not longer included.
* Add half-year convention in depreciation for Models/Depreciable.php
* Add a setting for the depreciation method
* Integrate half-year convention inside working output
* fix: add more checks at Depreciable.php
* depreciation value rounding
* Codestyle fix
This would only come into play if an inactive user already received a password reset email and then the system was upgraded to prevent those emails from being sent to inactive users
A checkout acceptance gets generated for every item that needs to be checked out. This resource tracks the user user who can accept the item and their signature
I think this merged in a weird order and was missed by the global
find/replace. This fixes bulkassets/bulkusers editing.
At some point we should look at refactoring BulkAssetsController@edit to
only run one DB query, rather than one per item.
* Move findLicenseSeatToCheckout back to controller.
After discussion, move findLicenseSeatToCheckout method back to
controller from form request. Also cleanup one tiny bit more with null
coalesce operator (Yay php 7).
* Revert Earlier change.
$target only exists in the checkoutTo* methods. Need to log the
checkout individually in each of those.
* Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods.
* Use same image upload/layout in accessories as consum+components.
* Monster: Cleanup/Refactor http controllers.
This cleans up docblocks, pulls most non-crudy actions into their own
controllers, and does general cleanup/logic refactoring. There /should/
be no functional changes, but we all know how should works..
Extract checkin/checkout functions to a separate controller for accessories.
Move controllers to subdirectory.
Cleanup AssetModelsController
Extract component checkin/checkout
Assorted cleanups/doc/formatting in controllers.
Refactor LicenseController.
Refactor UsersController
Update viewassetscontroller.
* Codacy cleanups
* More codacy cleanups. Extract a LicenseCheckout Form request as well.
* A bit more refactor/cleaning of the license checkout method.
* Review Related Cleanups
* Fix most of the item_not_found translations. In many cases, the
string being generated did not even use the id parameter. Where it
does, pass it as id instead of as a different value.
* Remove some old $data arrays from when we manually sent emails from
the controllers. This has been superseeded by the notification system
(yay!)
* Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
* Adds a method to consumables to check if a notification should be sent
Adds the checkin_email method to Consumables, this gets checked in notifications when checking out the consumable.
Without the method, no notifications get sent for checking out consumables.
* Fixes the checkin_email method on the License model
This should allow the License to also send checkout/checkin notifications again.
* Fix Importer emailformat
Str::slug() strips periods from the string, which caused our existing
logic to misbehave when generating a user's email on an import. Adjust
logic to use generateEmail() helper on user instead. Also clean up some
of the logic in this method.
* Remove dead code.
* More refactor/cleanup of the user create method. I think it is almost readable now.
* Give advancedTextSearch all search terms at one
The additional conditions for assets had some problems, since they were joining tables for the additional attributes. The method was called once for every search term, so the join was added multiple times if the user entered multiple search terms.
* Allows search to handle multiple search terms better
The search now better handles multiple search terms, adding additional orWhere clauses, instead of duplicating all queries.
* Fixing typo
* Extract method/cleanup
* Remove apiStore method that is unusued since api controllers.
* Use proper model exception
* Remove old user importer. This is now supported by the general importer framework.
* Refactor AssetsController methods.
This is a giant diff without many functional changes, mostly cosmetic.
I've pulled a number of methods out of assetscontroller, preferring
instead to create some more targetted controllers for related actions.
I think this cleans up the file some, and suggests some places for
future targetted improvement.
Fix weird missing things.
* Fix Unit test failing after date changes.
* Pass valid string to be translated.
* Some method cleanup for codacy.
* Extract trait for common checkout uses and codacy fixes.
* Cleanup model bulk-edit
Use the general partials where appropriate, as well as display a list of
what models we are editing in the bulk edit.
* Use new api based fetch/display for modal select2.
This is just copy/pasting the code currently because I'm not entirely
sure how the two pieces of code interact.
* Remove old helper functions that are no longer necessary with our populating of select2 dropdowns via ajax.
* Adds the ability to search by dates
Adding extra „where“-conditions to the „TextSearch“ queries, allowing the users to search by dates
* Adds missing dates to $dates in models
* Removes duplicated „where“ conditions
* Adds the Searchable trait to models, defining the searchable attributes and relations
* Removes the old text search methods
* Adds back additional conditions to the search
These conditions could not be modeled in the „attributes“ or „relations“, so we include them here
* Removes unnecessary check for the deleted_at attribute
* Fixes typo in comments
* suppresses errors from Codacy
We can safely ignore the error codacy is throwing here, since this method is a standin/noop for models who need to implement more advanced searches
* adds select2 placeholders to select lists
To allow us to clear the selection on „select2“ selects, we need a placeholder attribute
See: https://select2.org/placeholders
* Removes empty option from multiple select
select2 requires an empty option value on singular selects, but not on multiple selects.
When selecting multiple options, this empty option would be shown as selectable otherwise, not clearing the selection.
* Adds the option to clear select2 instances
Sets the correct options to allow clearing of out select2 instances. The empty placeholder is required, since clearing only works when a placeholder ist set (event an empty one).
See: https://select2.org/placeholders
* Removes the „Clear selection“ option from select lists
Since we can clear the select2 lists with their native clearing method, we can remove this hack
* Updates generated assets (css/js)
* Always send checkin notifications to users
This fixes the routing of the notifications, to only send „checkin“ emails if the „mail on checkin“ flag on the category was set. (and we checkout to a user with a non-empty email)
* Fixes checkout notification routing
Notifications to users should be send if the category of the resource (accessory/asset/consumable/license):
a) requires the user to confirm acceptance
b) should send notifications on checkin/checkout
* adds a check for EULAs
Adds back a check for the EULA, since the user should receive the EULA if it was set (regardless of other setings on the category, etc)
* adds permission checks to custom fields
* adds permission checks to custom fieldsets
* adds separate permissions for custom fieldsets
* check for permissions in views
* Removes custom fieldsets from permissions config
* Proxy the authorization for custom fieldsets down to custom fields.
This allows us to use the existing permissions in use and have more semantically correct authorization checks for custom fieldsets.
* simplifies the authorization check for the custom fields overview
* removes special handling of custom fieldsets in base policy
I just realised that this code duplicates the logic from the custom fieldset policy.
Since we are checking for the authorization of custom fields anyway, we can just use the columnName for the fields.
* cleanup of unused imports
* adds permission checks for companies
* adds permission checks for depreciations
* adds permission check for all reports
* fixes permissions for departments
* fixes permission naming (edit -> update)
* fixes authorization checking wrong permission in API
The authorization was checking for the non-existent „edit“ method where it should have checked for the „update“ method.
* adds authorization checks for select2 lists
* adds missing authorization checks for api
* fixes user authorization check for creating users
* adds additional check viewing assets on showing a users assets
* Removes authorization checks for select2 lists
Reference: https://github.com/snipe/snipe-it/pull/5807#pullrequestreview-136018755
* Added option to include model information on asset labels.
Cleaned up label page to fix skewed label alignment on last row per page.
* Changes made per Snipe's direction
changed type from tinyint to boolean in DB
changed labels back to initials
* Added de-norm counter migration for assets
* Renaming counter columns, since Eloquent has a magical *_count helper
* Added artisan command to sync counters (one-off)
* Update API to use de-normed fields
* Increment counters for checkin;/checkout
* Derp.
* Added request increment/decrementer
* Move increment for checkout to the Asset::checkout method
* Added “could take a while” message
* Fixes#4445: prevents assigned assets from being checked out in bulk checkout
* Updates data attribute to more versatile 'data-asset-status-type'
* Fixes broken unit test
* Fixes CustomFieldsetsController::fields() which I think is not used anywhere else and don't think ever worked as you can't call get() on a Collection.
Have tested extensively and doesn't seem to affect anywhere else?
* Adds default value functionality
* Adds built assets
* Fixes assignment to asset_model_id which should have been evaluation and alters route so it sits more in line with existing work
* Updates built assets
* Remove silly docker.env file; fix Dockerfile to preserve Oauth keys (#5377)
* Added department to custom asset export
Updates build assets
* Adds translation support for 'add default values' checkbox label
* Allow setting of "ldap_import" through the API, this will allow cusom scripts to be made to import data from Active directory using the API, this would allow any field to be filled such as the manager (based on the ID), department etc.
* Password fix for LDAP through API
* Fix condition where matching user fails when providing a username but no full name. Also shortcircuit username matching if a user exists.
* Simplify Logic
If the user provided is numeric, but doesn't exist in the database, assume that the user's name is a number and go through all relevant generation. of email/first+last names. Alternatively we may want to abort or remove the is_numeric bits.. it seems a little counterintuitive
* WIP - beginning of improved requested assets
- Use Ajax tables for faster loading
- Use new notifications for requesting an asset
TODO:
- Use ajax tables for requestable asset models
- Use new notifications for canceling an asset request
- Expire requests once the asset has been checked out to the requesting user
* Only show asset name in email if it has one
* Refactor requested method to only include non-canceled requests
* Refactored requestable assets to log request and cancelation
* Added softdeletes on checkout requests
* Differentiate between canceling and deleting requests
* Added asset request cancelation notification
* Added timestamps and corrected unique key on requests table
* Improved requests view
* Re-use blade for cancel/request email
* Refactored BS table formatter for requested assets
* Location name min reduced to 2
* Added PAT test as maintenance option
This needs to be refactored into database-driven options with a UI
* Better slack message
* Added getImageUrl method for assets
* Include qty in request notifications
TODO:
- Try to pull requested info from original request for cancelation, otherwise it will default to 1
* Removed old asset request/cancel emails
* Added user profile asset request routes
* Added profile controller requested assets method
* Added blade link to requested assets for profile view
* Sort user history desc
* Added requested assets blade
* Added canceled at to checkoutRequest method
* Include qty in request
* Fixed comment, removed allowed_columns
* Removed Queable methods, since we don’t use a queue
* Fixed return type in method doc
* Fixed version number
* Changed id to user_id for clarity
Filter down the custom fields we are iterating over to only custom fields in the header row.
This prevents nulling out fields when performing an import-update that doesn't include
all custom fields as well as properly nulls out values between items being imported.
Filter down the custom fields we are iterating over to only custom fields in the header row.
This prevents nulling out fields when performing an import-update that doesn't include
all custom fields as well as properly nulls out values between items being imported.
* Added “show fields in email” to custom fields
* Added “show images in email” to settings
* Added nicer HTML emails
* Break notifications out into their own, instead of trying to mash them all together
* Remove old notification for accessory checkout
* Janky fix for #5076 - “The asset you have attempted to accept was not checked out to you”
* Add method for image url for accessories
* Added accessory checkout email blade
* Make accessory email notification on checkout screen consistent with assets
* Added native consumables notifications
* Fixes for asset notification
* Updated notification blades with correct-er fields
* Updated notifications
* License checkin notification - does not work yet
Need to figure out whether the license seat is assigned to a person or an asset before we can pass the target
* Added alternate “cc” email for admins
* Only try to trigger notifications if the target is a user
* Fix tests
* Fixed consumable URL
* Removed unused notification
* Pass target type in params
* Show slack status
* Pass additional parameters
There is a logic bug in this :( Will send to slack twice, since the admin CC and the user are both using the same notification. Fuckity fuck fuck fuck.
* Pass a variable to the notification to supress the duplicate slack message
* Slack is broken :( Trying to fix
Will try a git bisect
* Put preview back into checkout
* Pulled old archaic mail
* Removed debugging
* Fixed wrong email title
* Fixed slack endpoint not firing
* Poobot, we hardly knew ye.
* Removed old, manual mail from API
* Typo :-/
* Code cleanup
* Use defined formatted date in JSON
* Use static properties for checkin/checkout notifiers for cleaner code
* Removed debugging
* Use date formatter
* Fixed target_type
* Fixed language in consumable email
* Added authentication via Remote User
* - Removed nullable from remote_user settings fileds and used just default values instead
- Removed german translations
- Removed 401 error page and replaced usage with 403 error page as 401 was actual a duplicate of 403
- Replaced usage of $_SERVER['REMOTE_USER'] with Laravels API Request::server('REMOVE_USER')
* - Fixed request usage
This restore() is still not working, though not sure why. Seems like it should be pretty straghtforward, and yet…
Additonally, manually setting the deleted)at date to null or blank isn’t working either. I’m sure I’m just missing something obvious.
* New Test Notification
Created Test Notification.
Updated Vendor Mail message.blade files.
Updated api settings controller to use Notification Façade.
* Add show URL in Emails condition
* New Welcome Notification
* Cleanup
* API tests for asset models and related cleanup/improvements
* Api license test. Tests incomplete because create/update/destroy are not implemented yet in the controller
* API Category tests.
* Manufacturers API Test.
* Implement License Create/Update/Delete Methods for API and enable test.
* Add missing gate for api. Fixes only superadmins being able to generate Personal Access Toekns
* Use the formated date helper to clean up verifications.
* Add Checkin/Checkout api tests.
* Accessories api test
* Add Companies API Test.
* Return ModelNotFound as a 404.
* Cleanups/simplficiations/updates.
* Locations api test.
* currency and image should be fillable on location.
* Update components api test.
* Use findOrFail so we return a 404 instead of a 200. Matches other item types.
* order_number should be fillable in component.
* Add updated_at and permissions to information returned from api for a user.
* Add users test and flesh out factory and fillable fields.
* Add test for assets method
* API status label test.
* Disable php7.2 for now on travis until the count(null) issues are remedied
* Add serial to update.
* API model not found should return a 200
* Work towards a functional travis. Step 1: Disable broken unit tests.
* Fix functional tests
This updates the login information and model factories to work with
changes to source.
* Importer name/full name fixes.
Fix a bug where "name" was used ambigously and mapping "item name" to
"name" would confuse the importer into thinking it should also be a user
name. Now we default to "full name" for the users name, and "item name"
for the item name. These are still both configurable through the custom
mapping.
Also update sample csvs and remove an outdated sample.
* Max length of supplier notes is 191, not 255, as per default laravel string length. Might make sense to change this to a text field in the future to match other places.
* Use sqlite/different db setup for unit tests.
* Fix assets api test.
* Fix Components API test.
* increase travis memory limit for functional tests.
* Use travis config for api tests as well.
* Fix memory limit file.
* Disable ApiComponentsAssetsCest until it's fixed.
Fix a bug where "name" was used ambigously and mapping "item name" to
"name" would confuse the importer into thinking it should also be a user
name. Now we default to "full name" for the users name, and "item name"
for the item name. These are still both configurable through the custom
mapping.
Also update sample csvs and remove an outdated sample.
* Added CSS for table toolbar
* Use maintenances API for table listings
* NIcer layout for allowed_columns in maintenances API
* Fixed#5014 - bootstrap cookie issues
* Fixed#5015 - bug when saving settings
* Refactored datatable code to use data attributes
* Updated dashboard with new table code
* Added - Order by group user count
* Updated groups to use new table attributes
* New license listing table code
* More bootstrap table implementations
* More BS table refactoring
* Improved bootstrap assigned assets
* New bootstrap for reports
* Misc BS fixes
* FIxed small issue with asset history display
* Removed multisort option
* JS refactor
* Hotfix: Disabling the event dispatcher broke model validation.
This resulted in invalid data being imported. Reenable the event dispatcher for now--this causes double logs, but at least validates properly.
* Actually disable the event dispatcher.
* Sign in where necessary to fix the importer unit test. This catches the issues found manually in 4912
* start work on fields in fieldset api
* revert CustomFieldsetsController
* fieldset associate / disassociate api
* fix variable names and payload
* fix variable name
The API UsersController accepts manager_id, but calls the following:
$user->fill($request->all());
This results in manager_id being ignored. I can't see any problem with
allowing a user's manager to be modified using the API, so this change
allows it.
* Add Asset Tag settings to Setup
* Add Locale Settings to Setup
* Add multiple company support to setup
* Changed the locale label name from 'site_name' to locale
Added default value for language to 'en' and multiple companies support
to 0 (false)
Switched out the old Input facade to the preferred $request->input
method for the setup page.
* Allow auto incrementing asset_id from the API when the setting is enabled
* Cleaned up the if else statement
* Added prefix to the orWhereRaw which causes a database error if the configuration uses a prefix
* Auto incrementing through the API
* If a user id is provided in the name column of an import, we should assume that it is a user id and check out to it.
* Fix build of vue files. The location is public/js/build, not public/build
* Ensure a status type is set before allowing submission of an import.
Also expand the status text label to change color based on success/failure.
Fixes#4658
* Use right key to lookup emails when importing users. Fixes 4619.
* Import serial for components, and make unique matches based on the serial as well as the name. Fixes#4569
* Set the location_id when importing an item properly.
This moves as well to using the Asset::checkout() method, which should consolidate the logic into a useful spot.
Fixes#4563 (I think)
* Production assets.
* Case insensitive field map guessing and repopulate when changingin import type.
This will return the error from the ldap_search ran in Models/Ldap.php instead of throwing an exception. Users seem to commonly be getting an Exception because of invalid search filters. This will better inform them of that issue without requiring them to enable DEBUG.
* The default locale of en does not include dollar sign in default currency. Assume if there is no currency symbol set that the dollar sign is a good thing to look for in parsefloat.
* Fix for 4485. Serial not serial_number
Also fix bug where updating with a csv that does not include custom field columns should not overwrite current values.
* Rename serial_number to serial in default imports to avoid needing to map weirdly.
* Add Test for 4359. Not reproducable at current though
* Added form checkout selector partial
* Stupid stash
* Added radio button checkout selector javascript
* New compiled production assets
* Added $style override in form partials for select2 ajax lists
* Added checkout-to radio button selector
TODO: Fix for accessibility - currently cannot tab-select this radio button
* Added new checkout-to selector to hardware edit
* Added new checkout-to selector to asset checkout form
* Refactored postCheckout to use radio button submission
This defaults to user checkout if nothing is passed for some reason
* Better visual feedback on whether or not an asset is deployable in edit screen
* Migration - Labels Display Company Name setting
* Add Company Name to Labels
Add company name if it is turned on in settings and asset has a valid company
* Add Company Name checkbox to Label settings
* Add Company Name Lang
* Add display company name to postLabels
* Revert Add Company Name Lang
* Fix display company name in postLabels
* Change tinyInt to boolean for display company name
* Simplify checking for company and getting the name
* Change to square brackets for array notation
* Move divs inside if statements on optional fields
* More helpful text on how the custom validator works
* Clarified language of custom format, fixed regex example
* Fixed regex example in placeholder
* Added comments to custom fields
* Added regex validation string
* Added valid_regex validator in format requirements
* Removed useles comments
* Fixes#4236 - validate the regex custom validation
* Add Authorizable trait and interface to our user model so we have access to User::can/User::cant. We should take a look at where else our user model has diverged from Larvel since it was created...
* Policy cleanup/fixes.
This commit adds policies for the missing backend/"settings" areas. The
permissions were implemented a while back but the policies did not, so
authorizing actions was failing.
In addition, this condenses a lot of code in the policies into base
classes. Most of the files were identical except for table names, so we
move all of the checks into a base class and override the table name in
each policy.
* Use a better name and permission for the check in the default layout.
* Locations API support for image
* Added manufacturers API support for image
* Added manufacturers API support for image
* Added image support for locations add/update
* Added manufacturer image upload support to controller
* General image string
* Added blade support for image uploads/delete image
* Added $request support (from Input::)
* Added image support in API transformers
* Added image to Manufacturers presenter for data table
* Migration to create image fields
* Ignore the contents of the new image directories
* Create new image upload directories
* Created components/consumables uploads directory
* Fixed missing textSearch scope from companies
* Added ignore for companies uploads directory
* Added blade support for image upload
* Fixed path to upload directory on edit
* Added company image upport to transformers, controllers
* Added image support for categories
* Added support for images in Departments
* Added support for image in Consumables
* Added image support for components
* Ignore accesories uploads
* API: Allow searching accessories by supplier id
* Adds suppliers and image upload to accessories
* Allow sorting by counts for suppliers
* Validate supplier image uploads
* Remove purchase_date from protected accessory array, it was converting it to datetime in datepicker
* Add laravel routes to javascript
This will clean up a lot of passing of urls. Adds a route() helper and
everything...
This commit also moves the customfield fetching to only be fetched once
and shared with each file, rather than once for each file.
* Try to fix travis unit test things.
* Downgrade doctrine/inflector for php5
* Attempt to occasional seeder issues on travis if the asset does not generate validatable data.
* Update sql dump for functional tests.
* Try to fix api tests.
* Fix old urls.
Still had some /admin/ urls floating around, which was causing bad
redirects in some instances. Should fix#4085
* The modal seems to be confusing license upload. be more explicit in the route we redirect to.
* Fix#4039. Use proper methods for location assets.
This also fixes a bunch of n+1 issues in the transformer. Also: curious
to know what Location::assets() does, because it doesn't do what I want
it to :)
When using the default Laravel auth routes, it expects a registration controller, even though we don’t have a concept of registration. This blank controller just prevents route caching from throwing errors.
For a while, prior to 987536930, we did not null assigned_type on
checkin. This migration manually nulls all assigned_type fields if
assigned_to is unset. Add a test to AssetTest for this as well...kind
of. We need to extract an Asset::checkin() method for 4.1 that mirrors
Asset::checkOut() to really test this.
This also fixes a separate (but related) issue. The Asset importer did
not set assigned_type when importing and creating users. In this
instance, we assume that if assigned_to is set and assigned_type is not,
then the item was checked out to a user and update the DB accordingly.
Also add a check in ImporterTest for this issue.
* There is no notes field on accessories. Fixes Importer Test.
* Fix notification test. We should see a checkout not allowed exception when trying to check out to a location if the asset requires acceptance.
* Fix Custom field import.
Add a test for custom field import, and fix a few issues related to
importing custom fields. This will restore v3 functionality.
* Add UI support for mapping custom fields.
This still requires the field mappings to be created/assigned in
advance, but will fetch all custom field names and allow them to be
selected when setting up custom field mappings.
This commit also updates laravel-mix to v1.4.3 and other node
dependencies to fix some build issues.
* Fix some requestable asset page/assetloc issues. I'd love to know why laravel expections relationships to be in lower case... but thats a question for another day.
* Fix accidental commit of ImporterTest.
* Move the name() method to the presenter
This fixes some weird collisions between laravels voodoo and our
presenter voodoo that confused php. It's also probably a cleaner place
to put it. Should fix#3927
* Add missing parenthesis
* Add heading to tables on locations/view page.
* Fix some n+1 problems
* Use route in notification dropdown to make sure we link to correct page
* Work on better UI support for checkout to non-user. Fix links on index bootstrap table, work towards eliminating assignedUser
* Remove Asset::assigneduser() relationship. Instead add a checkedOutToUser() method and/or port to using assignedTo()
* Adjust string to fit new reality
* Fix#3780. Move the consumables getDataView method to the ApiController. Not entirely RESTful, but it's a weird method that probably doesn't need its own controller and the functionality would be strange to stack on the userscontroller...
* Fix file uploads to assets and restore the delete route.
* Add asset maintence edit action to index.
* Suppliers asset list should link to the related asset, not to the supplier with same ID.
* Asset models page should use polymorphic formatter on assigned to to better handle assorted item types.
* Comment out more assigneduser fallacy until we figure out the query builder approach to searching for location text.
Working mail from notification. Still requires testing/cleaning
Add tests around checkout notification.
This also removes the ability to check out an asset to a location|asset
that requires acceptance/a Eula. For 4.1 we may think about how to
support such a thing, but at present it seems to make sense to only alow
such assets to be checked out to users, who can be responsible for the
items.
* Adds basic GET api support for CustomFieldsets
Currently there is not support for getting what fields a given fieldset contains
from the API. This commit creates a new API Controller for CustomFieldsets as
well as Transformers for CustomFields CustomFieldsets. Additionally, the api
route has been updated so that a show method can be access from
http://myapp/api/v1/fieldsets/{id}
* CustomFieldsetsTransformer only returns id and name of model
* Added index api method for CustomFieldsets
* Removes copy/paste error in CustomFieldsetController (including search)
* Added id to CustomFieldsetsTransformers
* Adds custom_fieldset_id as a field when storing and updating AssetModels
* Removed uncessesary parameter from CustomFieldsetsController.index
* Cleaned up CustomFieldset API
* Fix Bug in User::generateFormattedNameFromFullName
In a name "John Doe", this method would split it into "John" and " Doe",
Leaving a space in the last name when importing to the database. Strip
this space.
* Cleanup/fix some item mapping.
Also make some changes to the importer schema to allow for unit testing.
Generate a default item mapping, and then merge that with any custom
mappings.
* Beginning work on importer unit tests.
* Strip out testrun branches from importer. It added a lot of complexity and was not terribly useful with web importer as it stood, might reconsider down the road however.
* Normalize the mapped keys when using custom field mappings.
* Add test for custom asset import mapping.
* Make all unit tests inherit from a new custom base.
This baseclass currently calls Artisan::migrate() and seeds a Settings
instance. This fixes unit tests after the autoincrement bits.
* Store requestable as a boolean. Fixes some import oddities
* Work on tests for accessory importer.
* Test for custom mapping of accessory import, also adjust the internal field for purchase date.
* Update default locale fallback for currency detection
* Fix Reassignable in consumable as well.
* More importer tests and fixes.
* Move importer to an inline-template, allows for translations and easier passing of data from laravel to vue.
* Pull the modal out into a dedicated partial, move importer to views/importer.
* Add document of CSV->importer mappings. Reorganize some code.
Progress.
* Add header_row and first_row to imports table, and process upon uploading a file
* Use an expandable table row instead of a modal for import processing. This should allow for field mapping interaction easier.
* Fix import processing after moving method.
* Frontend importer mapping improvements.
Invert display so we show found columns and allow users to select an
importer field to map to. Also implement sample data based on first row
of csv.
* Update select2. Maintain selected items properly.
* Backend support for importing. Only works on the web importer currently. Definitely needs testing and polish.
* We no longer use vue-modal plugin.
* Add a column to track field mappings to the imports table.
* Cleanup/rename methods+refactor
* Save field mappings and import type when attempting an import, and repopulate these values when returning to the page.
* Update debugbar to fix a bug in the debugbar code.
* Fix asset tag detection.
Also rename findMatch to be a bit clearer as to what it does.
Remove logging to file of imports for http imports because
it eats an incredible amouint of memory.
This commit also moves imports out of the hardware namespace and into
their own webcontroller and route prefix, remove dead code from
AssetController as a result.
* Dynamically limit options for select2 based on import type selected, and group them by item type.
* Add user importer.
Still need to implement emailing of passwords to new users, and probably
test a bit more.
This also bumps the memory limit for web imports up as well, I need to
profile memory usage here before too long.
* Query the db to find user matches rather than search the array. Performance is much much better.
* Speed/memory improvements in importers.
Move to querying the db rather than maintaining an array for all
importers. Also only store the id of items when we import, rather than
the full model. It saves a decent amount of memory.
* Remove grouping of items in select2
With the values being set dynamically, the grouping is redundant. It
also caused a regression with automatically guessing/matching field
names. This is starting to get close.
* Remove debug line on every create.
* Switch migration to be text field instead of json field for compatibility with older mysql/mariadb
* Fix asset import regression matching email address.
* Rearrange travis order in attempt to fix null settings.
* Use auth::id instead of fetching it off the user. Fixes a null object reference during seeding.
* Rearrange travis order in attempt to fix null settings.
* Use auth::id instead of fetching it off the user. Fixes a null object reference during seeding.
* Improvemenets to unit tests.
* Break up modelfactory into multiple files, populate many states.
* Begin testing validation at the unit test level, test relationships.
* Add tests for Asset::availableForCheckout.
* Model factories now generate all needed relationships on demand,
which allows us to unit test with a empty database.
* To faciliate the empty database, we move to using sqlite in memory as
the unit testing database.
* Fix bug with logs of checkouts to non users.
* Fix location finding for assets. Also Fix location show page to show users associated with location. Still need some work to show assets.
* More test and generator improvements
* More unit test fixes. PermissionsTest is borked still.
* More Updates
* Rewrite permissionstest. Check that we have access on the model level rather than via web requests. Also test delete permissions.
* Fix seeders.
* Make the default asset model factory generate assets that are rtd for testing.
* Save progress.
* Rebase tests, fix department unit test, update database for functional tests.
* Update functional and api tests to use new modelfactory signatures.
This is round one of the rethink of checkout-to-everything. A location
now has a manager field, and the manager (by default) be responsible for
assets checked out to the location.
If a user is disabled in your Active Directory, it should be deactivated in the licensing too.
The standard state is now deactivated for synced accounts.
Maybe we can change this throw a Setting for a standard state.
The codes comes from this site:
http://www.netvision.com/ad_useraccountcontrol.php
* Pave the imports table
* Format error response if file is the wrong type.
* If a custom field doesn't exist, don't insert a blank string into the custom fields table
* CustomField::db_column_name can return the stored name in the db. It's slugified when that value is set initially. This fixes a weird issue where _1 was replaced with _xx
* updating with changes made to master
apply PR # 3456 to develop as well
* updating develop with changes made to master
apply PR # 3456 to develop as well
* updating paveit with passport-created oauth tables
* Refactored AssetsTransformer
Casted all ids to int, escaped all text values,
* Added warranty_expires attribute to Asset model
$asset->warranty_expires contains a Carbon object with the warranty
expiration date. Returns null when either purchase_date or
warranty_months are not set.
* Ignoring php-cs cache files
* Restored asset tests expectations
Work in progress - tests still fail
* API controller refactoring, fixed HTTP status codes in responses
* Restored $request->get - debugging
* Added further checks in ApiAssetsCest::updateAssetWithPatch
* /api_tests: Fixed bugs in update() method + code formatting
* /api_tests: Minor code formatting
* /api_tests: Mirrored test code for PATCH and PUT methods
* Removed repeated code
* Test cleanup
* Fixed issues with update() through PATCH and PUT methods
* Added API test suite to .travis.yml
* Refactored AssetsTransformer
Casted all ids to int, escaped all text values,
* Added warranty_expires attribute to Asset model
$asset->warranty_expires contains a Carbon object with the warranty
expiration date. Returns null when either purchase_date or
warranty_months are not set.
* Ignoring php-cs cache files
* Restored asset tests expectations
Work in progress - tests still fail
* API controller refactoring, fixed HTTP status codes in responses
* Restored $request->get - debugging
* Added further checks in ApiAssetsCest::updateAssetWithPatch
* Fixed undefined method
* Fixed initial underscore trimmed by str_slug
* CustomFieldTest now works where intl PHP extension is not installed
If a server doesn't have the intl php extension installed, the custom fields tests failed. Now the tests perform the same check done in the CustomField class.
* Refactored AssetsTransformer
Casted all ids to int, escaped all text values,
* Added warranty_expires attribute to Asset model
$asset->warranty_expires contains a Carbon object with the warranty
expiration date. Returns null when either purchase_date or
warranty_months are not set.
* Ignoring php-cs cache files
* Restored asset tests expectations
Work in progress - tests still fail
* API controller refactoring, fixed HTTP status codes in responses
* Restored $request->get - debugging
* Added further checks in ApiAssetsCest::updateAssetWithPatch
* Toggles the disabled state of auto_increment_prefix
To insert a prefix you had to toggle the checkbox, save the settings and reload. With this script it is immediate. Fixes#1390
* Delete asset image: made checkbox more visible
Related to #3153
* Added personal-access-token component
* Created basic API testing configuration
* First version of /components endpoind cest
* On-the-fly bearer token generation
* Completed testing of PATCH and PUT methods
* Added /components/{id}/assets route with tests
* Updated route and dataTable in view
* Completed test assertion
* Added links to assets in ComponentsAssets view
* Linked Company in AssetView page
* Fixed purchase_cost format expectation in ApiComponentsCest
* Refactored api routes file
Sorted all prefixes in alphabetical order, removed duplicate routes. For every prefix I placed first Route::resource and then any additional route in a Route::group. Expanded arrays for readability and consistency. Removed useless calls as create and edit everywhere.
* Refactored and added one more test to ApiComponentsAssetsCest
* Marked one test as incomplete, 404 response should return json
* Fixed value expectation
* Refactored getToken()
* Added API debugging routes
* Added more information to ValidationException reporting
Now the payload contains the validation errors for each invalid
attribute.
* /apitests: refactored expectations in component assertions
* Created ApiAssetsCest
* /apitests: Cleanup in Exceptions/Handler
* Reverted change to use
* Marked two tests as incomplete, looking for solutions
* Toggles the disabled state of auto_increment_prefix
To insert a prefix you had to toggle the checkbox, save the settings and reload. With this script it is immediate. Fixes#1390
* Delete asset image: made checkbox more visible
Related to #3153
* Added personal-access-token component
* Created basic API testing configuration
* First version of /components endpoind cest
* On-the-fly bearer token generation
* Completed testing of PATCH and PUT methods
* Added /components/{id}/assets route with tests
* Updated route and dataTable in view
* Completed test assertion
* Added links to assets in ComponentsAssets view
* Linked Company in AssetView page
* Bugfixes based on functional tests
* Removed unused function
* Marked tests as incomplete
* Added check for existence in groups/edit.blade.php
* Better error handling of failed file uploads. Also improve formatting of modal dialog
* Readd app.js to the js build, fixes collapsing sidebar
* Update JS
* Fix font size. We need to explicitly set the font size for the table because everywhere else that comes from bootstrap-tables
* Toggles the disabled state of auto_increment_prefix
To insert a prefix you had to toggle the checkbox, save the settings and reload. With this script it is immediate. Fixes#1390
* Delete asset image: made checkbox more visible
Related to #3153
* Added personal-access-token component
* Created basic API testing configuration
* First version of /components endpoind cest
* On-the-fly bearer token generation
* Completed testing of PATCH and PUT methods
* Added /components/{id}/assets route with tests
* Updated route and dataTable in view
* Completed test assertion
* Added links to assets in ComponentsAssets view
* Linked Company in AssetView page
* Begin work on vueifying the importer
* Beginning work on migrating the importer to use a vue/components for future interactivity
Update JS
More importer work. Move to a vue based modal, begin handling of processing. Still need to port error messages.
More importer work. Move to a vue based modal, begin handling of processing. Still need to port error messages.
Update importer. Add error display. Fix modal, update vue-strap to vue2
More progress. Add select2 vue bits.
* Move to querying the db to find importer matches. It scales better on large datasets.
Fix select2 related issues. We were trying to initialize it twice, which led to the custom data being overwritten.
* Better error handling on uploads and deletion of files. Restore progressbar on upload.
* Add support for generic exception reporting if app.debug is enabled.
* Handle Http 500 errors better. Display errors if debug is enabled. Assorted cleanups.
* Fix codacy issues, remove unused methods.
* Only bind vue to the importer for now.
* Load vue for passport as well.
* Major code simplification of the importers.
Move towards using Model::fill and Model::update rather than reinventing
the wheel. This makes the updating/creating logic a lot clearer, and
allows for the deletion of a lot of code. Also allows for supporting of
more fields in the future really easily.
* Cleanup constructors and use setters instead.
* Set the LC_MONETARY locale, and use it to strip currency symbols in Helper::parseFloat()
* Move licenseseat creation/deletion logic into an event handler on the model rather than the controller.
* Move the logging of parsed values to array_smart_fetch rather than writing it out everywhere
* Move to storing dates as carbon rather than strings. Allows for the parsing of more arbitrary strings from the importer
* Add a license importer with support for checking out to users or assets.
* Make a directory for sample/mock import csvs and populate it
* Adjust how we store/retrieve dates to fix some issues the tests found.
* Importer fix: we were trimming the wrong part of the classname when creating a category. This led to categories not being recognized.
* Add a component importer. Uses same fields as consumable importer. Only trick: If an asset_tag is present, we checkout a component to that asset on import
Enable component importer. Also calculate the importer classname in a cleaner fashion.
* Fix comparisons. find can return an index of 0, which is falsy.
* Update composer phpcs
* Minor Fixes found while working.
ALlow user_id to be nullable in category model validation
Point to the correct route in accessoriespresenter datatable. Also add name() method
Add a translated category name
Fix typo in translation
* Add a method to the asset presenter to show deployed when asset is deployed. Fixes#3114
Some licenses, such as windows licenses, are machine specific. This
commit allows an extra field to be added to the license importer to
allow these licenses to be imported and attached directly to an asset
* Set user if asset is checked out to user. fixes email problems.
* Use sometimes validation to ignore this when no values are present.
* Move Actionlog details to a presenter and port the activity table to use it. Still need to port other parts of the application, but this consolidates a lot of logic.
* Attempt test fix
* Port users,licenses, and assets view to use the presenter to generate table values.