Commit graph

4697 commits

Author SHA1 Message Date
snipe dee92cfc6c
Fixes XSS vulnerabilities (#6831)
* Properly escape log_meta values

* Vue syntax fix to allow npm run dev to work again

* Janky fix for Select2 bug

* Compiled production assets

* Escape user’s last name in API

* Removed duplicate alertClass

* Compiled production assets
2019-03-18 20:49:32 -07:00
snipe dec77890bd Merge branch 'master' of https://github.com/snipe/snipe-it 2019-03-18 11:59:48 -07:00
snipe 0e1289f12f
Fixes #6821 - fixed 2 fa active for users list (#6822)
* Fixed #6821 - confusing UI for 2FA when 2FA is universally enforced

I also updated the language in the user’s listing table to clarify what “activated” means

* Added login enabled info to user view

* Clarified comments

* Added info about 2FA on user profile

Because why not

* Added nowrap to table, and added 2FA reset for superadmins
2019-03-18 11:59:02 -07:00
Martin Meredith 1d26195821 Add models IDE helper to .gitignore (#6829) 2019-03-18 11:58:33 -07:00
snipe 7b33f95e83
Fixes/import permissions mask (#6826)
* Check for empty headers in import

* Added import permission

* Fixed model path in docblock

* Added import gate to default blade

* Check if the user is an admin OR idf they have import permissions

* Walked back that admin permission

Since admins are bound by full company support, it makes less sense to let admins have this permission by default, versus having them specifically designated to the import permission
2019-03-18 11:58:08 -07:00
snipe ab6744dfba Merge branch 'master' of https://github.com/snipe/snipe-it 2019-03-14 15:38:20 -07:00
snipe 0fd940ffa4 Check for empty headers in import 2019-03-14 15:38:07 -07:00
Ivan Nieto bebdbdfb87 Fix #6763. Import Stuck Processing - Error - Can only flip STRING and INTEGER values! (#6804)
* Added validation for errors when the Import Field to map isn't setted

* A slightly correction to the error message

* Added the translation strings for the Error Message
2019-03-14 12:32:40 -07:00
Tim Farmer 5893e25b43 Label bugs in alerts settings (#6808)
* Label bugs in alerts settings

Found another label bug where the alert_email label should be alerts_enabled.

* Update alerts.blade.php
2019-03-14 10:53:05 -07:00
snipe 26c0cf5d33 Allow null for logCheckin $action_date 2019-03-14 01:22:29 -07:00
snipe 239f21b0d7 Set null option for $action_date 2019-03-14 01:09:16 -07:00
snipe 0b927623e8 Added “record created” string for clarification in asset/license history 2019-03-13 22:06:57 -07:00
snipe 96f069c417 Change action_datwe to datetime in transformer 2019-03-13 21:57:06 -07:00
snipe 60e52cc927 Make action_date a datetime 2019-03-13 21:53:56 -07:00
snipe 9f79028391 Fixed copypasta in email_logo down() method 2019-03-13 21:53:45 -07:00
Ivan Nieto c7f48951a9 Valo/checkin date in history of asset (#6733)
* To see checkin/checkout Date in History of Asset

* Added some logic to get today's date if the checkin_at input is blank

* Updating the action_date taking the value from the action_log table

* Hide created_at field and rename 'Action Date' as only 'Date'
2019-03-13 21:36:32 -07:00
Marián Skrip 8d63533205 Add write-only image_source field for asset create/edit API endpoint (#6146)
`image_source` should contain base64 encoded image data with mime-type.
2019-03-13 21:00:40 -07:00
Ivan Nieto 8c65214b1f Ignore the soft deleted assets in the eloquent query (#6824) 2019-03-13 20:14:30 -07:00
Martin Meredith e3e0d57f56 Minor code cleanup bits and bobs (#6805)
* Add IDE Helper files

* Cleanup imports

- Alphabetises imports
- Removes unused imports

* Add Platform requirements

* Move filling asset into block where asset exists

* Remove duplicate array keys
2019-03-13 20:12:03 -07:00
snipe 55f727ef28 Fixed HTML labels on alerts setting page
Originally https://github.com/snipe/snipe-it/pull/6808/ by @timothyfarmer - I also updated the error class logic in the same block
2019-03-13 19:53:23 -07:00
snipe 6c71e72dcd Fixed labels labels (wha?)
Wrong HTML labels for some fields in the Settings > Labels page.

Originally https://github.com/snipe/snipe-it/pull/6809 by @timothyfarmer but it was made against the wrong branch
2019-03-13 19:50:35 -07:00
snipe 79f4f46e3a Add @timothyfarmer as a contributor 2019-03-13 19:45:40 -07:00
snipe fddf0cdd15 Added hungary time format 2019-03-13 19:45:30 -07:00
snipe 7c3bbe3097
Fixes #6776 hungary date format (#6823)
* Add @timothyfarmer as a contributor

* Fixed #6776 - added hungary time format
2019-03-13 19:39:38 -07:00
snipe 858d382e26 Changed logging to info level for LDAP 2019-03-13 15:14:03 -07:00
snipe de16fee00a Change image unlink error log to info from error 2019-03-13 12:22:12 -07:00
snipe 8efbde61c9 Merge branch 'fixes/kit_fixes' into develop 2019-03-13 12:16:20 -07:00
snipe 2c79ed5fc1 Added kit permissions 2019-03-13 12:15:54 -07:00
snipe 1b0d855c00 Added translation, removed commented out code 2019-03-13 12:15:48 -07:00
Martin Meredith f403db274a (develop) Fix asset auto-incrementation (#6806)
* Fix auto-increment not updating

This is due to the addition of caching for settings.  If we're not
explicitly saving the Settings model, then the cache isn't getting
updated, causing the asset tag auto-increment to get an old cached
version with the wrong number

* Move Setting cache clear to an observer
2019-03-13 10:58:35 -07:00
Martin Meredith a462e91983 (develop): Fix failing Unit Tests (#6807)
* Reference correct class for Licence Model

* Make sure we activate users in test to send Welcome Notification
2019-03-13 10:57:43 -07:00
snipe 7e8d337ed5 Moved kit icon 2019-03-08 16:49:05 -08:00
snipe 400907cc40 Merge branch 'develop' of https://github.com/snipe/snipe-it into develop 2019-03-08 16:24:12 -08:00
snipe 74f33441d3 Merge branch 'VELIKII-DIVAN-develop' into develop 2019-03-08 16:23:53 -08:00
snipe 61afdeac2e Merge branch 'develop' of https://github.com/VELIKII-DIVAN/snipe-it into VELIKII-DIVAN-develop 2019-03-08 16:18:48 -08:00
Martin Meredith 55cbbf2b00 Fixes #6794: Fix URLs to access some 'missing' images (#6795)
* Fix image path for Model view

* Fix URLs for images in account view

* Fix Supplier view Image URL
2019-03-08 12:47:37 -08:00
Martin Meredith daf6d98a3b Remove test data for Pie (#6793) 2019-03-08 12:46:47 -08:00
Tim Farmer 7deab0f53b Label bugs in general settings (#6801)
* checkbox label bug

The checkbox label in general settings for require_accept_signature was set to full_multiple_companies_support instead so when you click the label for require accept signature it would check the wrong box.

* Update general.blade.php

* Update general.blade.php

Another label that is wrong in general settings
2019-03-08 12:24:24 -08:00
Jonathon Reinhart e59ec8b27f Run Laravel schedule in docker image using supervisord (#6606)
* docker: Rename /entrypoint.sh to /startup.sh

This script is not configured as the docker image ENTRYPOINT, thus it is
misleading to name it so.

* docker: Terminate supervisord if a process enters the FATAL state

By terminating PID 1, this will also terminate the Docker container.

* docker: Use supervisord to start up apache and cron

Note that this uses `apache2ctl -DFOREGROUND` rather than manually
sourcing /etc/apache2/envvars and running apache2, as recommended at
https://advancedweb.hu/2018/07/03/supervisor_docker/.

* docker: Add artisan schedule:run to crontab

This also switches to executing /var/www/html/artisan directly.

* docker: Run artisan schedule:run directly from supervisor

This has the following benefits over using cron:
- Cron doesn't need to be installed
- Docker-provided environment variables are preserved
- It's easy and explicit to run as the docker user
2019-03-07 12:42:00 -08:00
snipe ab1f34604e Add @Mezzle as a contributor 2019-03-06 18:46:36 -08:00
Martin Meredith 0840ab41d5 Hotfix: Fix ability to create assets (#6790) 2019-03-06 16:37:58 -08:00
snipe 5293cb30bd Merge branch 'fixes/only_present_image_url_if_image_present_in_profile_api' into develop 2019-03-05 23:54:08 -08:00
snipe 6d98bd6846
Fixed error if item requested or request was deleted (#6786)
ch628
2019-03-05 23:47:36 -08:00
snipe 0b0813b260 Fixed error if item requested or request was deleted
ch628
2019-03-05 23:46:40 -08:00
snipe 6f1a70ee09 Fixed ch1086 - Merge branch 'fixes/search_consumables_by_item_number' into develop
# Conflicts:
#	app/Http/Controllers/Api/UsersController.php
2019-03-05 23:23:46 -08:00
snipe 58768e5aee
Added ability to search consumables by item number (#6785)
Fixes ch1086
2019-03-05 23:21:22 -08:00
snipe 3b41aa52c8 Added ability to search consumables by item number
Fixes ch1086
2019-03-05 23:20:16 -08:00
snipe c211cc733c Bumped hash 2019-03-05 21:26:24 -08:00
snipe 28a450ea25
Added ability to do full name search in user dropdown selectlist (#6784) 2019-03-05 21:13:39 -08:00
snipe 6696685d0b Merge branch 'fixes/full_name_search_user_selectlist' into develop
# Conflicts:
#	app/Http/Controllers/Api/UsersController.php
#	routes/api.php
2019-03-05 20:57:10 -08:00