Commit graph

393 commits

Author SHA1 Message Date
Brady Wetherington 262a964760 [WIP] fix ldap-sync for v5 with AdLdap2 2020-08-14 14:45:05 -07:00
snipe 1267c68f28
Removed barcodes from S3 uploader
Signed-off-by: snipe <snipe@snipe.net>
2020-05-28 19:56:18 -07:00
Daniel Meltzer 2e936a9883
Sync paveit command with new database tables. 2020-05-23 09:08:32 -04:00
snipe 87464e6ec0
Merge branch 'develop' into integrations/2020-04-15-v5-merge
# Conflicts:
#	README.md
#	app/Http/Controllers/AccessoriesController.php
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/Api/LicensesController.php
#	app/Http/Controllers/Api/LocationsController.php
#	app/Http/Controllers/Api/SettingsController.php
#	app/Http/Controllers/Api/UsersController.php
#	app/Http/Controllers/AssetModelsController.php
#	app/Http/Controllers/Assets/AssetsController.php
#	app/Http/Controllers/Auth/ForgotPasswordController.php
#	app/Http/Controllers/CategoriesController.php
#	app/Http/Controllers/CompaniesController.php
#	app/Http/Controllers/ComponentsController.php
#	app/Http/Controllers/ConsumablesController.php
#	app/Http/Controllers/CustomFieldsetsController.php
#	app/Http/Controllers/DepartmentsController.php
#	app/Http/Controllers/LicensesController.php
#	app/Http/Controllers/LocationsController.php
#	app/Http/Controllers/ManufacturersController.php
#	app/Http/Controllers/SettingsController.php
#	app/Http/Controllers/SuppliersController.php
#	app/Http/Controllers/UsersController.php
#	app/Http/Requests/AssetRequest.php
#	app/Http/Requests/ImageUploadRequest.php
#	app/Models/LicenseSeat.php
#	app/Models/Location.php
#	app/Models/Setting.php
#	composer.json
#	composer.lock
#	config/database.php
#	config/version.php
#	npm-shrinkwrap.json
#	package.json
#	public/css/AdminLTE.css
#	public/css/AdminLTE.css.map
#	public/css/overrides.css
#	public/css/overrides.css.map
#	public/css/skins/skin-blue-light.css
#	public/css/skins/skin-blue.css
#	public/css/skins/skin-green-dark.min.css
#	public/js/app.js
#	public/js/bootstrap-table.js
#	public/js/bootstrap/js/bootstrap.js
#	public/js/bootstrap/js/bootstrap.min.js
#	public/js/build/all.js
#	public/js/build/vue.js
#	public/js/build/vue.js.map
#	public/js/demo.js
#	public/js/ekko-lightbox.js
#	public/js/ekko-lightbox.min.js
#	public/js/extensions/export/bootstrap-table-export.js
#	public/js/extensions/multiple-sort/bootstrap-table-multiple-sort.js
#	public/js/extensions/multiple-sort/bootstrap-table-multiple-sort.min.js
#	public/js/extensions/toolbar/bootstrap-table-toolbar.min.js
#	public/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.js
#	public/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.min.js
#	public/js/plugins/timepicker/bootstrap-timepicker.js
#	public/js/plugins/timepicker/bootstrap-timepicker.min.js
#	public/js/vue.js
#	public/mix-manifest.json
#	resources/assets/js/bootstrap-js.js
#	resources/assets/js/bootstrap.min.js
#	resources/assets/js/ekko-lightbox.js
#	resources/assets/js/ekko-lightbox.min.js
#	resources/assets/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.js
#	resources/assets/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.min.js
#	resources/assets/js/plugins/chartjs/Chart.js
#	resources/assets/js/plugins/timepicker/bootstrap-timepicker.js
#	resources/assets/js/plugins/timepicker/bootstrap-timepicker.min.js
#	resources/assets/less/AdminLTE.less
#	resources/assets/less/overrides.less
#	resources/assets/less/skins/_all-skins.less
#	resources/assets/less/skins/skin-black.less
#	resources/assets/less/skins/skin-blue.less
#	resources/assets/less/skins/skin-green.less
#	resources/assets/less/skins/skin-purple.less
#	resources/assets/less/skins/skin-red.less
#	resources/assets/less/skins/skin-yellow.less
#	resources/assets/less/variables.less
#	resources/js/components/importer/importer-file.vue
#	resources/lang/en/auth/message.php
#	resources/lang/en/passwords.php
#	resources/lang/es-CO/general.php
#	resources/lang/es-ES/general.php
#	resources/lang/es-VE/general.php
#	resources/less/skins/skin-black-dark.less
#	resources/less/skins/skin-blue-dark.less
#	resources/less/skins/skin-contrast.less
#	resources/less/skins/skin-green-dark.less
#	resources/less/skins/skin-orange-dark.less
#	resources/less/skins/skin-orange.less
#	resources/less/skins/skin-purple-dark.less
#	resources/less/skins/skin-red-dark.less
#	resources/less/skins/skin-yellow-dark.less
#	resources/views/accessories/checkin.blade.php
#	resources/views/accessories/checkout.blade.php
#	resources/views/accessories/edit.blade.php
#	resources/views/account/profile.blade.php
#	resources/views/account/view-assets.blade.php
#	resources/views/asset_maintenances/edit.blade.php
#	resources/views/auth/passwords/email.blade.php
#	resources/views/auth/passwords/reset.blade.php
#	resources/views/categories/edit.blade.php
#	resources/views/companies/edit.blade.php
#	resources/views/components/checkin.blade.php
#	resources/views/components/checkout.blade.php
#	resources/views/components/edit.blade.php
#	resources/views/consumables/checkout.blade.php
#	resources/views/consumables/edit.blade.php
#	resources/views/custom_fields/fields/edit.blade.php
#	resources/views/custom_fields/fieldsets/edit.blade.php
#	resources/views/dashboard.blade.php
#	resources/views/departments/edit.blade.php
#	resources/views/groups/edit.blade.php
#	resources/views/hardware/audit.blade.php
#	resources/views/hardware/bulk-checkout.blade.php
#	resources/views/hardware/bulk.blade.php
#	resources/views/hardware/checkin.blade.php
#	resources/views/hardware/checkout.blade.php
#	resources/views/hardware/edit.blade.php
#	resources/views/hardware/index.blade.php
#	resources/views/hardware/quickscan.blade.php
#	resources/views/hardware/view.blade.php
#	resources/views/importer/import.blade.php
#	resources/views/layouts/basic.blade.php
#	resources/views/layouts/default.blade.php
#	resources/views/layouts/edit-form.blade.php
#	resources/views/licenses/checkin.blade.php
#	resources/views/licenses/checkout.blade.php
#	resources/views/licenses/edit.blade.php
#	resources/views/locations/edit.blade.php
#	resources/views/manufacturers/edit.blade.php
#	resources/views/modals/upload-file.blade.php
#	resources/views/models/bulk-edit.blade.php
#	resources/views/models/custom_fields_form.blade.php
#	resources/views/models/edit.blade.php
#	resources/views/partials/bootstrap-table.blade.php
#	resources/views/partials/forms/edit/address.blade.php
#	resources/views/partials/forms/edit/asset-select.blade.php
#	resources/views/partials/forms/edit/category-select.blade.php
#	resources/views/partials/forms/edit/category.blade.php
#	resources/views/partials/forms/edit/company-select.blade.php
#	resources/views/partials/forms/edit/company.blade.php
#	resources/views/partials/forms/edit/department-select.blade.php
#	resources/views/partials/forms/edit/depreciation.blade.php
#	resources/views/partials/forms/edit/email.blade.php
#	resources/views/partials/forms/edit/image-upload.blade.php
#	resources/views/partials/forms/edit/item_number.blade.php
#	resources/views/partials/forms/edit/location-profile-select.blade.php
#	resources/views/partials/forms/edit/location-select.blade.php
#	resources/views/partials/forms/edit/location.blade.php
#	resources/views/partials/forms/edit/maintenance_type.blade.php
#	resources/views/partials/forms/edit/manufacturer-select.blade.php
#	resources/views/partials/forms/edit/manufacturer.blade.php
#	resources/views/partials/forms/edit/minimum_quantity.blade.php
#	resources/views/partials/forms/edit/model-select.blade.php
#	resources/views/partials/forms/edit/model_number.blade.php
#	resources/views/partials/forms/edit/name.blade.php
#	resources/views/partials/forms/edit/notes.blade.php
#	resources/views/partials/forms/edit/order_number.blade.php
#	resources/views/partials/forms/edit/phone.blade.php
#	resources/views/partials/forms/edit/purchase_cost.blade.php
#	resources/views/partials/forms/edit/purchase_date.blade.php
#	resources/views/partials/forms/edit/quantity.blade.php
#	resources/views/partials/forms/edit/serial.blade.php
#	resources/views/partials/forms/edit/status.blade.php
#	resources/views/partials/forms/edit/submit.blade.php
#	resources/views/partials/forms/edit/supplier-select.blade.php
#	resources/views/partials/forms/edit/supplier.blade.php
#	resources/views/partials/forms/edit/user-select.blade.php
#	resources/views/reports/custom.blade.php
#	resources/views/settings/alerts.blade.php
#	resources/views/settings/asset_tags.blade.php
#	resources/views/settings/barcodes.blade.php
#	resources/views/settings/branding.blade.php
#	resources/views/settings/general.blade.php
#	resources/views/settings/labels.blade.php
#	resources/views/settings/ldap.blade.php
#	resources/views/settings/localization.blade.php
#	resources/views/settings/security.blade.php
#	resources/views/setup/user.blade.php
#	resources/views/suppliers/edit.blade.php
#	resources/views/users/bulk-edit.blade.php
#	resources/views/users/edit.blade.php
#	resources/views/users/ldap.blade.php
#	resources/views/users/print.blade.php
#	resources/views/users/view.blade.php
#	routes/api.php
#	routes/web/hardware.php
#	webpack.mix.js
2020-04-20 23:20:34 -07:00
snipe 663c0f3713 Fixed typo 2020-02-11 22:09:46 -08:00
Colin McNeil db59106c3e Move ldap import ini settings to config (#7679) 2019-12-19 11:51:55 -08:00
snipe 5290c47e2a Merge branch 'develop' into v5-master-develop-integration
# Conflicts:
#	.env.example
#	.travis.yml
#	Dockerfile
#	README.md
#	app/Console/Commands/LdapSync.php
#	app/Console/Kernel.php
#	app/Http/Controllers/AccessoriesController.php
#	app/Http/Controllers/Api/AccessoriesController.php
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/Api/LocationsController.php
#	app/Http/Controllers/Api/SettingsController.php
#	app/Http/Controllers/Api/UsersController.php
#	app/Http/Controllers/AssetModelsController.php
#	app/Http/Controllers/Assets/AssetFilesController.php
#	app/Http/Controllers/Assets/AssetsController.php
#	app/Http/Controllers/CategoriesController.php
#	app/Http/Controllers/CompaniesController.php
#	app/Http/Controllers/ComponentsController.php
#	app/Http/Controllers/ConsumablesController.php
#	app/Http/Controllers/DepartmentsController.php
#	app/Http/Controllers/LicensesController.php
#	app/Http/Controllers/LocationsController.php
#	app/Http/Controllers/ManufacturersController.php
#	app/Http/Controllers/ReportsController.php
#	app/Http/Controllers/SettingsController.php
#	app/Http/Controllers/SuppliersController.php
#	app/Http/Controllers/UsersController.php
#	app/Http/Middleware/EncryptCookies.php
#	app/Http/Requests/AssetRequest.php
#	app/Http/Transformers/AssetMaintenancesTransformer.php
#	app/Importer/AssetImporter.php
#	app/Models/AssetMaintenance.php
#	app/Models/Location.php
#	app/Models/User.php
#	composer.json
#	composer.lock
#	config/backup.php
#	config/database.php
#	config/version.php
#	public/mix-manifest.json
#	resources/lang/en-ID/general.php
#	resources/lang/vi/admin/settings/general.php
#	resources/views/accessories/edit.blade.php
#	resources/views/hardware/view.blade.php
#	resources/views/layouts/default.blade.php
#	tests/api/ApiCategoriesCest.php
2019-11-18 19:49:39 -08:00
snipe 04562e6d4a Added 4260352 to ldapsync enabled account constraint 2019-10-18 17:48:50 -07:00
snipe b381528668
Added console rekey tool (#7330)
* Removed console command specifications, since they’re pulled dynamically now

* Added rekey console command

* Removed unused code

* Comment clarifiction

* Handle LDAP password
2019-09-03 11:03:32 -07:00
snipe 441ae69f5c
Integrations/develop into master (#7352)
* Fixes #6204 - added email alerts and web/API access to assets due for audits (#6992)

* Added upcoming audit report

TODO: Fid diff/threshold math

* Added route to list overdue / upcoming assets via API

* Controller/API methods for due/overdue audits

We could probably skip this and just handle it via view in the routes…

* Added query scopes for due and overdue audits

* Added audit due console command to kernel

* Added ability to pass audit specs to main API asset search method

* Added audit presenter

* Added bootstrap-tables presenter formatter to display an audit button

* Added gated sidenav items to left nav

* Added audit due/overdue blades

* Cleanup on audit due/overdue console command

* Added language strings for audit views

* Fixed :threshold placeholder

* Removed unused setting variable

* Fixed next audit date math

* Added scope for both overdue and upcoming

* Derp. Wrong version

* Bumped version

(I will release this version officially tomorrow)

* Leave the activated state for users alone in normal LDAP synchronisation. (#6988)

* Fixed #7003 - crash when warranty months or purchase date is null

* Fixed #6956 - viewKeys policy inconsistent  (#7009)

* Fixed #6956 - Added additional gates show showing/hiding license keys

* Modified gate to allow user to see licenses if they can create or edit the license as well

* Added API middleware to API routes to enable throttling

TODO: Figure out how to make this costumizable without touching the code

* Import locations from CSV via command line (#7021)

* Added import locations command

* Small fixes to location importer

* Added country, LDAP OU

* Cleaned up comments, added more clarification to what the script does

* Added ability to update groups via API

Fixes [ch9139]

* Bumped version

* Fixed #6883 - remove escaping of fields on LDAP import

* Fixed #6880 - correctly encrypt encrypted fields via the API

* Fixes #5054: LDAP users deactivated for none-ad (#7032)

When using none-AD ldap, users are automatically deactivated every LDAP
sync.  This commit changes the behaviour so that if the active flag isn't set,
the users are enabled.

Fixed #5054, at least for 4.X

* Updated packages

  - Updating erusev/parsedown (v1.7.2 => 1.7.3): Downloading (100%)
  - Updating squizlabs/php_codesniffer (3.4.1 => 3.4.2): Downloading (100%)
  - Updating symfony/polyfill-mbstring (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/var-dumper (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating league/flysystem (1.0.50 => 1.0.51): Downloading (100%)
  - Updating symfony/translation (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating nesbot/carbon (1.36.2 => 1.37.1): Downloading (100%)
  - Updating symfony/debug (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/console (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/finder (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/polyfill-ctype (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/polyfill-php70 (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/http-foundation (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/event-dispatcher (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/http-kernel (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/process (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/routing (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/polyfill-util (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/polyfill-php56 (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/psr-http-message-bridge (v1.1.1 => v1.1.2): Downloading (failed)
Downloading (100%)
  - Updating rollbar/rollbar (v1.7.5 => v1.8.1): Downloading (100%)
  - Updating symfony/yaml (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/browser-kit (v3.4.23 => v3.4.27): Downloading (100%)

* Fixed #7044 - API update deleted custom fields if they are not re-presented

* Fixed XSS vulnerability when creating a new categories, etc via modal on create

Same fix as before, because of the weird select2 post-parsing ajax behavior

* Updated email strings

* Fixed #7046 - added user website url back into UI

* Updated language strings

* Bumped version

* Updated packages

* New backups config for spatie

* Removed debugbar service provider (autodiscovery)

* Use laravel v5.5 withCount manual aliases

* Added spatie language files

* Removed old laravel backups config

This config file was renamed in a newer version of spatie laravel-backup

* Set the serialization

* Added the command loader to console kernel

* Renamed fire() to handle()

* Updated withCount to use manual naming

* Updated backup path in backup admin

* Updated travis with new php versions

* Bumped laravel version in readme

* Fixed custom field edit screen

* Fixed baseUrl is undefined error

I literally cannot figure out how this ever worked before.

* Fix for included files in backup

* Bumped version

* Switch has() to filled()

* Change ->has() to ->filled()

* Removed cosole log

* Bumped packages

* Use getReader instead of fetchAssoc for CSV parser

https://csv.thephpleague.com/9.0/upgrading/

* Handle JSON validation errors like 5.4

* Handle JSON validation errors like 5.4

* Handle JSON validation errors like 5.4

* Trying to fix ajax asset validation

This I think gets us closer, but still not handling the validation on the asset properly.

When I do a print_r of the validation in the other items, its looking for an error bag that looks something like this:

```
Illuminate\Support\MessageBag Object
(
    [messages:protected] => Array
        (
            [name] => Array
                (
                    [0] => The name field is required.
                )

            [seats] => Array
                (
                    [0] => The seats field is required.
                )

            [category_id] => Array
                (
                    [0] => The category id field is required.
                )

        )

    [format:protected] => :message
)
```

Currently the Assets ajax returns:

```
[2019-05-24 06:52:06] develop.ERROR: array (
  'messages' =>
  array (
    'model_id' =>
    array (
      0 => 'The model id field is required.',
    ),
    'status_id' =>
    array (
      0 => 'The status id field is required.',
    ),
    'asset_tag' =>
    array (
      0 => 'The asset tag field is required.',
    ),
  ),
)
```

So not sure why it’s not working.

* Fixed missing asset validation

* Check that a model exists before trying to fiddle with fieldsets

* Tidied up license check

* Removed extra escaping on checkin

* Updated importer to work with newer CSV Reader::getRecords() method

* Fixed field mapping

* Small fix for reordering fields

Fixes Illuminate\Database\QueryException: SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'order' cannot be null (SQL: insert into `custom_field_custom_fieldset` (`custom_field_id`, `custom_fieldset_id`, `order`, `required`) values (12, 7, , 0)) [ch1151]

This needs revisiting for a more solid fix, especially for data that was already entered bad.

* Fixed bug where sorting by company name in Users API did not work

Fixes [ch9200]

* Removed custom fields from AssignedSearch to prevent confusing data in selectlist

Fixes [ch9193]

* Removed alert-danger from tests

* Fixed missed consumables_count withCount() statement

* Fixed Undefined variable user in $backto if checked out to a non-user

Fixes [ch9194]

* Check for valid model before attempting to access fieldsets

Fixes [ch1249]

* Only build the log upload destination path if there is a matching record

Fixes [ch1232]

* Fixed free_seats_count variable name

(I forgot that Laravel switched camel case to snake case for their old 5.4 withCount variables)

* Only gtry to delete the file if a record is found in the log

* Only try to get fieldset if model is valid

* Fixed more camel-casing -> snake-casing

* Only display the file if the log record can be found

* Fixed casing in sync command

* Updated README

* Derp - typo

* Added link to Atlassian plugin

* More Atlassian clarifications

* Show accessory image on view page

* Increased image size to 800px, added lightboxes

* Fixed #7083 - Removed user_exists constraint on department save

If the user has been deleted, this prevented the department from being successfully saved on edit

* Updated branch in version file

* Dockerfile update to bring us up to php v7.1 for Laravel 5.5 (#7084)

* bump up to php7.1

& change deprecated MAINTAINER to a LABEL so it is visible with `docker inspect`

* AND modapache ><

* 2 updates required to get software-properties+ppa

* Bumped version

* Bumped release again :(

* Missed one

* Fixed #7098 - updated backup config for deleteFile() method

* Fixed #7092 -  handle weird port forwarding/port numbers for baseUrl

* Bumped version

* Fixed #7099 - set email to null by default for backup notifications

* Removed old comments

* Fixed #7100 - Check if $user isset on checkin

* Increased throttle to 120 requests per minute

* Added Filipino, corrected order for Spanish variations

* Update language strings

* Bumped hash

* Changed has to filled to fix bulk asset editing

* Bumped point version

* Small fixes for phpleague CSB reader v9

* Improved error checking in locations importer

* Fixed #7145 - rename groups table to permissions_group for mysql 8 reserved word compatibility

* Reduce minimum group name length to 2 (from 3)

eg: IT

* Back in time fix FOR #7145 for new installs on MySQL 8+

* Fixed permission insert

//TODO

Handle this via model

* Possible fix for reporting/admin migration back in time

* Fixed #7164 - change table name to permission_groups

* Fixed LDAP password blanking on save

* fixing previous commit's actual wiping of password (#7183)

replaced Input::fille('ldap_pword') with _filled_.   Should be good to go.  

https://github.com/snipe/snipe-it/issues/7179

https://github.com/snipe/snipe-it/issues/7169

* Bumped version

* Downgrading rollbar for Laravel 5.5

* Spelling Correction (#7206)

Fixed Spelling for the word reqrite, to be rewrite.

* Fix #6910: Add logic to manipulate the eloquent query. (#7006)

* Added company_id to consumables_users table

* Added logic to manage when a pivot table doesn't have the column company_id trough a join with users

* Remove a migration that tries to fix this problem, but is not longer necessary

* Addresses #7238 - add PWA code to layout

Needs additional UX testing

* Better log message for bad LDAP connection

* Fixed #7186 - has vs filled in User’s API blanking out groups if no group_ids are passed

* Comment clarification on #7186

* Check for valid seat on hardware view

* Added space between footer and custom message

* Cap warranty months to three characters

Filles rollbar 209

* Cap warranty months to 3 on the frontend blade

* Fixed countable() strings on user destroy

* Check that the user has assets and that the aset model is valid

* Bumped hash

* Caps asset warranty to 20 years

* Command to fix custom field unicode conversion differences between PHP versions (#7263)

* Fixes #7252 form request changes (#7272)

* Fixes for #7252 - custom fields not validating / no validaton messages in API w/form requests

* Removed debug info

* More fixes for #7252

This is mostly working as intended, if not yet the way Laravel wants us to do it.

Right now, the API returns correctly, and the form UI will return highlighted errors, with the input filled in ~sometimes~. I’m not sure why it’s only sometimes yet, but this is potentially progress.

* Removed experimental method

* Check for digits_between:0,240 for warranty

* Removed debug code

* Apply fix from PR #7273 to master

* Bumped hash

* Fixed #7250 - permission issue for API fieldsets and fields endpoints

This applies the change from #7294 to master

* Add @mskrip as a contributor

* Fixed #7270 - Checking-in Assets via API Removes the Item's Asset Name

* CORS for api (#7292)

* Added CORS support to API

* Changed order so CORS will still work if throttle hit

* Added APP_CORS_ALLOWED_ORIGINS env option

* Fixed typo

* Clarified header comments

* More clarification

* DIsable CORS allowed origins by default to replicate existing behavior

* Change variable name to be clearer

* Bumped version

* Added condition to deal with fieldname 'rtd_location' which can be tried to be queried in some places and doesn't exist in database (#7317)

* Added comments to the ByFilter query scope for clarity

* Added accessories checkout/checkin API endpoint

* Fixed CVE-2019-10742

https://nvd.nist.gov/vuln/detail/CVE-2019-10742

* Update README.md (#7334)

Add reference to CSV importer.

* Group related variables in .env

* History importer fixes

* Fixes to history importer
2019-08-14 21:48:14 -07:00
snipe eec445fcf5
Command to fix custom field unicode conversion differences between PHP versions (#7263) 2019-07-18 14:30:18 -07:00
Thomas Misilo e1b33f3087 Spelling Correction (#7206)
Fixed Spelling for the word reqrite, to be rewrite.
2019-06-27 18:33:13 -07:00
Diogenes S. Jesus 4c61d330e6 fix Paginator (#7157) 2019-06-14 09:54:09 -07:00
snipe cbff66c9db Improved error checking in locations importer 2019-06-10 18:50:41 -07:00
snipe 27231d49ea Small fixes for phpleague CSB reader v9 2019-06-03 22:05:16 -07:00
snipe b2c9a38db8 Fixed casing in sync command 2019-05-24 16:12:43 -07:00
snipe 56576d9e45 Fixed more camel-casing -> snake-casing 2019-05-24 16:01:12 -07:00
snipe bf93e8cc32 Use getReader instead of fetchAssoc for CSV parser
https://csv.thephpleague.com/9.0/upgrading/
2019-05-23 19:09:58 -07:00
snipe df8008f1ed Renamed fire() to handle() 2019-05-22 00:52:32 -07:00
Bob Clough 096393389c Fixes #5054: LDAP users deactivated for none-ad (#7032)
When using none-AD ldap, users are automatically deactivated every LDAP
sync.  This commit changes the behaviour so that if the active flag isn't set,
the users are enabled.

Fixed #5054, at least for 4.X
2019-05-16 09:31:55 -07:00
snipe 6728089106 Fixed #6883 - remove escaping of fields on LDAP import 2019-05-15 19:15:41 -07:00
snipe d67c931f6a
Import locations from CSV via command line (#7021)
* Added import locations command

* Small fixes to location importer

* Added country, LDAP OU

* Cleaned up comments, added more clarification to what the script does
2019-05-13 02:27:19 -07:00
Joris van Eijden 486c708911 Leave the activated state for users alone in normal LDAP synchronisation. (#6988) 2019-05-06 09:40:53 -04:00
snipe 407445456a Merge branch 'features/6204_email_audit-alerts' into develop
# Conflicts:
#	app/Console/Commands/LdapSync.php
#	app/Console/Kernel.php
#	app/Http/Controllers/Auth/LoginController.php
#	app/Http/Controllers/LicensesController.php
#	composer.json
#	composer.lock
#	config/version.php
#	resources/views/auth/two_factor_enroll.blade.php
2019-05-06 08:45:13 -04:00
snipe e5c2d77c7d
Fixes #6204 - added email alerts and web/API access to assets due for audits (#6992)
* Added upcoming audit report

TODO: Fid diff/threshold math

* Added route to list overdue / upcoming assets via API

* Controller/API methods for due/overdue audits

We could probably skip this and just handle it via view in the routes…

* Added query scopes for due and overdue audits

* Added audit due console command to kernel

* Added ability to pass audit specs to main API asset search method

* Added audit presenter

* Added bootstrap-tables presenter formatter to display an audit button

* Added gated sidenav items to left nav

* Added audit due/overdue blades

* Cleanup on audit due/overdue console command

* Added language strings for audit views

* Fixed :threshold placeholder

* Removed unused setting variable

* Fixed next audit date math

* Added scope for both overdue and upcoming

* Derp. Wrong version

* Bumped version

(I will release this version officially tomorrow)
2019-05-05 22:32:52 -04:00
snipe e4a298ca2a Added scope for both overdue and upcoming 2019-05-05 22:13:30 -04:00
snipe 7b194c678c Cleanup on audit due/overdue console command 2019-05-05 19:22:08 -04:00
snipe e46cccdf90 Added upcoming audit report
TODO: Fid diff/threshold math
2019-05-04 17:52:17 -04:00
snipe dae26e0378 Remove “Imported from LDAP” note override 2019-04-18 17:56:08 -04:00
Martin Meredith e3e0d57f56 Minor code cleanup bits and bobs (#6805)
* Add IDE Helper files

* Cleanup imports

- Alphabetises imports
- Removes unused imports

* Add Platform requirements

* Move filling asset into block where asset exists

* Remove duplicate array keys
2019-03-13 20:12:03 -07:00
snipe 858d382e26 Changed logging to info level for LDAP 2019-03-13 15:14:03 -07:00
Steffen 74c099f0b3 fix LDAP/AD sync: function calls for password creation (#6581)
* - change generatePassword to be more secure (allow duplicate chars)
- move generatePassword from trait to helper
- fix summary output for sync command

* - Don't treat ldap_active_flag as boolean - fixes sync not working at all when ldap field is set
- Sync non activated users (But set activated=0)

* - Read user first before checking against user settings

* Fix failed logins to not throw exceptions
2019-01-15 14:05:47 -08:00
Steffen 1de9087427 LDAP fixes (#6533)
* Add iCheck png files to webpack config (inconsistency for css <> png) and blue.png to public folder

* php 7.3 collect() fix (undefined variable)

* Fix travis ci

* Add iCheck png files to webpack config (inconsistency for css <> png) and blue.png to public folder

* php 7.3 collect() fix (undefined variable)

* change LDAP implementation from model to (singleton) service

* Re-apply check for content in ldap_server variable before parsing

* Update LDAP implementation

* Switch iCheck to minimal as referenced in js

* Don't init on load but on first access via init (returns ldap enabled status)

* Re-Enable notifications

* Re-add missing test target php versions

* Only init() once (singleton class, so ldap variable is already set)
2019-01-10 13:20:43 -08:00
KeenRivals f5ba2106cd Fix snipeit:unescape not unescaping quotes (#6506) 2018-12-14 18:08:00 -08:00
Wes Hulette 34246ee4ef [WIP] v5 Develop: New LDAP implementation (#6352)
* Fixed missing oauth tables during setup.

* WIP New LDAP implementation

* WIP New LDAP implementation

* WIP New LDAP implementation


Merge remote-tracking branch 'origin/WIP_LDAP' into WIP_LDAP

* WIP New LDAP implementation

Added Adldap2 to handle ldap intergration.

* Updated per PR quality review

* Added specific LDAP settings method

* Corrected version number

* Added return documentation

* Added imports

* Changed class to be injected into controller

* Updated with PR suggestions
2018-12-06 14:05:43 -08:00
snipe dd5ca73602 Set support footer and version footer to on when resetting the demo 2018-11-08 12:52:37 -08:00
Wes Hulette 88b1da4260 Added: Caching of settings (#6378)
* Fixed missing oauth tables during setup.

* Cache settings

Cache the setting to reduce unnecessary database calls
2018-11-01 19:59:50 -07:00
Wes Hulette b8a37a0c73 Fixed Expiring Assets Email (#6321) 2018-10-11 14:03:00 -07:00
snipe b5211b2dd5 Fixed #6291 - send-welcome argument in cli importer 2018-10-04 04:44:12 -07:00
snipe 4db1dd8afc Fixed #6291 - send-welcome argument in cli importer 2018-10-04 04:43:06 -07:00
snipe c8ad45b11e Port import manager code to develop 2018-10-03 00:52:29 -07:00
snipe c8bff3ef38
Features/add manager and dept to importer (#6277)
* Ignore the simlink for public storage

* Added manager and department to user import

* More UI importer tweaks

* Fisxed typos
2018-10-02 15:43:54 -07:00
snipe 79367642b1
[WIP] Added #5957 - Flysystem support (#6262)
* Added AWS url to example env

* Upgrader - added check for new storage path and attempt to move

* Ignore symlink

* Updated paths for models

* Moved copy methods

* Added AWS_URL support

For some reasin, Flysystem was generating the wrong AWS url (with a region included)

* Switch to Flysystem for image uploads

* Nicer display of image preview

* Updated image preview on edit blades to use Flysystem

* Twiddled some more paths

* Working filesystems config

* Updated Asset Models and Departments to use Flysystem

* Janky workaround for differing S3/local urls/paths

* Try to smartly use S3 as public disk if S3 is configured

* Use public disk Storage options for public files

* Additional transformer edits for Flysystem

* Removed debugging

* Added missing use Storage directive

* Updated seeders to use Flysystem

* Default logo

* Set a default width

We can potentially override this in settings later

* Use Flysystem for logo upload

* Update downloadFile to use Flysystem

* Updated AssetFilesController to use Flysystem

* Updated acceptance signatures to use Flysystem

* Updated signature view to use Flysystem

This isn’t working 100% yet

* Use Flysystem facade for displaying asset image

* Set assets path

Should clean all these up when we’re done here

* Added Rackspace support for Flysystem

* Added Flysystem migrator console command

* Added use Storage directive for categories

* Added user avatars to Flysystem

* Added profile avatar to Flysystem

* Added the option to delete local files with the migrator

* Added a check to prevent people from trying to move from local to local

* Fixed the selectlists for Flysystem

* Fixed the getImageUrl method to reflect Flysystem

* Fixed AWS copy process

* Fixed models path

* More selectlist updates for Flysystem

* Updated example .envs with updated env variable names

* *sigh*

* Updated non-asset getImageUrl() methods to use Flysystem

* Removed S3 hardcoding

* Use Flysystem in email headers

* Fixed typo

* Removed camera support from asset file upload

We’ll find a way to add this in later (and add that support to all of the other image uploads as well)

* Fixed path for categories

* WIP - Switched to standard handleImages for asset upload.

This is currently broken as I refact the handleImages method. Because the assets store/create methods use their own Form Request, the handleImages method doesn’t exist in that Form Request so it wil error now.

* Fixed css URL error

* Updated Debugbar to latest version (#6265)

v3.2 adds support for Laravel 5.7

* Fixed: Missing CSS file in basic.blade.php (#6264)

* Fixed missing CSS file in basic.blade.php

* Added

* Changed stylesheet import for authorize.blade.php

* Updated composer lock

* Added AWS_BUCKET_ROOT as env variable

* Use nicer image preview for logo upload

* Removed AssetRequest form request

* Removed asset form request, moved custom field validation into model

* Added additional help text for logo upload

* Increased the size of the image resize - should make this a setting tho

* Few more formatting tweaks to logo section of branding blade preview

* Use Flysystem for asset/license file uploads

* Use Flysystem for removing images from models that have been deleted

* Enable backups to use Flysystem

This only handles part of the problem. This just makes it so we can ship files to S3 if we want, but does not account for how we backup files that are hosted on S3

* Use Flysystem to download license files

* Updated audits to use Flysystem
2018-09-29 21:33:52 -07:00
snipe 68a04c7a23 Fixed #4151 - Undefined index: samaccountname on LDAP import 2018-09-27 16:13:27 -07:00
snipe 75032def9e Fixed #4151 - Undefined index: samaccountname on LDAP import 2018-09-27 16:11:09 -07:00
snipe 3a0f738fb0 Added some hepful comments 2018-09-26 19:20:50 -07:00
snipe ffbee77f6f
Patch for 5965 - multiple email recipients no longer working (#6238) 2018-09-26 15:47:53 -07:00
Wes Hulette 16e56646b8 Fixed #5965: Allow multiple alert email addresses (#6233)
* Fixed #5965: Allow multiple alert email addresses

* Style changes based on PR feedback.
2018-09-26 14:07:41 -07:00
Juho Taipale 05b03df600 Fix for issue #6165 (#6168)
* Fix problem when using ValidatingTrait

* Checking that email alerts are enabled when trying to send expected check-in alerts (fix for issue #6169)
2018-09-12 22:49:50 -07:00
snipe 827a86b2ef Only send inventory report to users if they have things checked out to them 2018-09-07 03:08:32 -07:00
snipe 77cdb2f409 Added console command to send inventory reports to users 2018-09-07 02:24:41 -07:00
snipe 5b8cbe29e1 Possible fix for #5054 - OpenLDAP (non-AD) LDAP users being deactivated 2018-08-27 14:51:37 -07:00
snipe 2c38036123
Improvement: Better documentation, small refactors (#6017)
* Better documentation, small refactors

* Small comment fixes
2018-08-01 00:06:41 -07:00
snipe d8f0102204 Merge branch 'features/restore_deleted_cmd' into develop
# Conflicts:
#	config/version.php
#	resources/views/layouts/basic.blade.php
2018-07-27 02:48:13 -07:00
snipe 524c6c502e
Features/restore deleted cmd (#5982)
* Delete content from login attempts table

* Script to restore deleted users and put their asset assignments back

* Uncomment backup
2018-07-27 02:42:55 -07:00
snipe 6b013724aa Uncomment backup 2018-07-26 18:11:51 -07:00
snipe 8774f0cf45 Script to restore deleted users and put their asset assignments back 2018-07-26 18:08:49 -07:00
snipe 8762e158c4 Delete content from login attempts table 2018-07-26 18:08:25 -07:00
snipe 47ed328f0e Change fire() to handle() for Laravel 5.5 2018-07-25 01:28:44 -07:00
snipe 0714ac4248 Update withCounts because Laravel 5.5 :( 2018-07-24 22:40:05 -07:00
snipe e6dd90e055 Added footer settings to settings reset 2018-07-24 22:21:16 -07:00
snipe 9daeeeb851
Features/nicer notifications (#5886)
* Improved expiring licenses notification

* Improved expiring assets notification

* Nicee low inventory notification

* Refactored stupid language strings

* Oops

* Use settings variable
2018-07-18 19:15:45 -07:00
snipe 1a29d4f60f Check for > 0 expected assets 2018-05-21 15:41:19 -07:00
snipe 4c656c0321
De-normalize new counters from 4.3.0 (#5547)
* Added de-norm counter migration for assets

* Renaming counter columns, since Eloquent has a magical *_count helper

* Added artisan command to sync counters (one-off)

* Update API to use de-normed fields

* Increment counters for checkin;/checkout

* Derp.

* Added request increment/decrementer

* Move increment for checkout to the Asset::checkout method

* Added “could take a while” message
2018-05-16 19:20:43 -07:00
snipe 8f64da5bc7 Added admin alert on expiring notifications 2018-05-08 05:27:03 -07:00
snipe 71708e349c
PHP7.2 count fixes (#5427)
* PHP 7.2 count() fixes

* Re-enable php travis 7.2
2018-04-29 06:10:49 -07:00
snipe d886dcc7c3 Reset skin for demo 2018-04-24 03:00:56 -07:00
snipe d60c9800c2 Check that the id key exists to prevent any weird edge cases for location 2018-03-05 22:44:05 -08:00
snipe 04d2542b81 Fixed #5078 - check for object or array as location in LDAP sync 2018-03-05 22:42:40 -08:00
snipe 5484b06df8 Fixed #4923 - invalid check for location object in Ldap Sync 2018-02-13 17:06:42 -08:00
Richard Hofman 5219fb63a1 Add --base_dn option to LdapSync command. (#4888) 2018-01-23 18:15:36 -08:00
Ryan 9a40e5e651 return an error from ldap_search (#4623)
This will return the error from the ldap_search ran in Models/Ldap.php instead of throwing an exception. Users seem to commonly be getting an Exception because of invalid search filters. This will better inform them of that issue without requiring them to enable DEBUG.
2017-12-14 12:57:43 -08:00
snipe 608bb1b5b1 Fixed #3416 - bulk delete asset models 2017-12-12 09:10:05 -08:00
Brady Wetherington 4584990cc3 Cleaner re-implementation of loop-detection for asset-assigned-assets (#4553)
* Cleaner re-implementation of loop-detection for asset-assigned-assets

* Get rid of the other static and pass it along recursively too.
2017-12-04 23:00:55 -08:00
snipe 2aafdb1400 Bumped version 2017-12-01 20:49:04 -08:00
snipe 51661b0a21 Fixed #4190 - Added artisan command to regenerate asset tags 2017-11-24 11:25:51 -08:00
snipe e5129a8b98 Removed next_version 2017-11-21 19:39:33 -08:00
snipe 0c9e41e1fa Updated versioning script to handle githooks better 2017-11-21 19:01:47 -08:00
snipe f672b14468 Ignore deleted assets and check for valid location in artisan command 2017-11-04 16:20:31 -07:00
snipe 12caa48390 Uncommented info output 2017-11-03 19:42:54 -07:00
snipe 1c12b6e13b Added artisan command to sync locations 2017-11-03 19:00:36 -07:00
snipe da9bb07041 Add a default legacy cipher of rijndael-256 2017-11-03 16:27:03 -07:00
snipe 809e310565 Recrypt the LDAP password properly
Older installs should add a line to their .env:

`LEGACY_CIPHER=rijndael-256`
2017-10-18 08:15:23 -07:00
Tõnis Ormisson a4eeff01f0 FIXED upgrade Recrypt not working with changed cipher (#4245)
* FIX legacy cipher change

* FIX Recrypt Custom fields column names

* FIX ReCrypt Clean un-needed code
2017-10-18 05:43:54 -07:00
snipe 1d5fb52bfc Fix for LDAP where location ou is not null but blank 2017-10-17 16:59:50 -07:00
Richard Hofman adca7cb0c5 Fix LDAP location sync issue in #3993 (#4181)
* Ensure locations with the most specific OUs take precedence during user assignment.

* Save 'ldap_ou' Location attribute during creation.
2017-10-09 13:06:47 -07:00
snipe 6e33f36595 Set snipe-logo as default 2017-10-07 14:49:36 -07:00
snipe 9dc79f7165 Demo Settings reset artisan command
We’ll set this as a cron job to reset the language back to english
2017-10-07 07:43:57 -07:00
snipe 064a4ebe33 Ability to skip deleting/generating new users
This will behave unpredictably if there is not a user id 1
2017-10-07 00:02:37 -07:00
snipe a84da88114 Demo seeder 2017-10-06 22:58:00 -07:00
Richard Hofman f2be409914 LDAP sync improvements and DB query fix. (#4148)
* Set 'ldap_ou' Location field to NULL when an empty string is submitted.

* Consolidate LDAP user import logic in LdapSync.php.
2017-10-06 16:15:14 -07:00
Daniel Meltzer bbffde47f7 Remove conditional related to no longer existant testrun option. (#4079) 2017-09-29 17:31:39 -07:00
snipe c53dae4b72 Possible fix for #3919 - allow later versions of mcrypted base64 keys 2017-09-14 16:43:41 -07:00
Daniel Meltzer 987536930c Assorted fixes (#3923)
* Fix some n+1 problems

* Use route in notification dropdown to make sure we link to correct page

* Work on better UI support for checkout to non-user.  Fix links on index bootstrap table, work towards eliminating assignedUser

* Remove Asset::assigneduser() relationship.  Instead add a checkedOutToUser() method and/or port to using assignedTo()

* Adjust string to fit new reality

* Fix #3780.  Move the consumables getDataView method to the ApiController.  Not entirely RESTful, but it's a weird method that probably doesn't need its own controller and the functionality would be strange to stack on the userscontroller...

* Fix file uploads to assets and restore the delete route.

* Add asset maintence edit action to index.

* Suppliers asset list should link to the related asset, not to the supplier with same ID.

* Asset models page should use polymorphic formatter on assigned to to better handle assorted item types.

* Comment out more assigneduser fallacy until we figure out the query builder approach to searching for location text.
2017-09-05 17:54:58 -07:00
snipe 3518ea7e7d Fixes #606 - email notifications for expected checkins 2017-08-31 21:18:05 -07:00
snipe 58b3f0519d Add empty errors array 2017-08-23 00:31:37 -07:00
snipe 6a73ec6537 First stab at a recrypter for legacy mcrypt conversion 2017-08-21 22:30:56 -07:00
Jan Felix Wiebe 5cc84ca137 Use correct array when deleting users with location (#3769) 2017-07-24 23:15:15 -07:00
Daniel Meltzer f432f98e12 Importer tests + Fixes (#3733)
* Fix Bug in User::generateFormattedNameFromFullName

In a name "John Doe", this method would split it into "John" and " Doe",
Leaving a space in the last name when importing to the database.  Strip
this space.

* Cleanup/fix some item mapping.

Also make some changes to the importer schema to allow for unit testing.
Generate a default item mapping, and then merge that with any custom
mappings.

* Beginning work on importer unit tests.

* Strip out testrun branches from importer.  It added a lot of complexity and was not terribly useful with web importer as it stood, might reconsider down the road however.

* Normalize the mapped keys when using custom field mappings.

* Add test for custom asset import mapping.

* Make all unit tests inherit from a new custom base.

This baseclass currently calls Artisan::migrate() and seeds a Settings
instance.  This fixes unit tests after the autoincrement bits.

* Store requestable as a boolean.  Fixes some import oddities

* Work on tests for accessory importer.

* Test for custom mapping of accessory import, also adjust the internal field for purchase date.

* Update default locale fallback for currency detection

* Fix Reassignable in consumable as well.

* More importer tests and fixes.
2017-07-11 20:37:02 -07:00
snipe 50e1570543 Added additional models for #3702 2017-07-08 14:49:43 -07:00
snipe eb94c4333d Fixes #3702 - Added artisan command to walk through special characters and unescape them in the DB 2017-07-08 14:47:43 -07:00
Daniel Meltzer 61c6160b98 Importer mapping - v1 (#3677)
* Move importer to an inline-template, allows for translations and easier passing of data from laravel to vue.

* Pull the modal out into a dedicated partial, move importer to views/importer.

* Add document of CSV->importer mappings.  Reorganize some code.

Progress.

* Add header_row and first_row to imports table, and process upon uploading a file

* Use an expandable table row instead of a modal for import processing.  This should allow for field mapping interaction easier.

* Fix import processing after moving method.

* Frontend importer mapping improvements.

Invert display so we show found columns and allow users to select an
importer field to map to.  Also implement sample data based on first row
of csv.

* Update select2.  Maintain selected items properly.

* Backend support for importing.  Only works on the web importer currently.  Definitely needs testing and polish.

* We no longer use vue-modal plugin.

* Add a column to track field mappings to the imports table.

* Cleanup/rename methods+refactor

* Save field mappings and import type when attempting an import, and repopulate these values when returning to the page.

* Update debugbar to fix a bug in the debugbar code.

* Fix asset tag detection.

Also rename findMatch to be a bit clearer as to what it does.
  Remove logging to file of imports for http imports because
it eats an incredible amouint of memory.

This commit also moves imports out of the hardware namespace and into
their own webcontroller and route prefix, remove dead code from
AssetController as a result.

* Dynamically limit options for select2 based on import type selected, and group them by item type.

* Add user importer.

Still need to implement emailing of passwords to new users, and probably
test a bit more.

This also bumps the memory limit for web imports up as well, I need to
profile memory usage here before too long.

* Query the db to find user matches rather than search the array.  Performance is much much better.

* Speed/memory improvements in importers.

Move to querying the db rather than maintaining an array for all
importers.  Also only store the id of items when we import, rather than
the full model.  It saves a decent amount of memory.

* Remove grouping of items in select2

With the values being set dynamically, the grouping is redundant.  It
also caused a regression with automatically guessing/matching field
names.  This is starting to get close.

* Remove debug line on every create.

* Switch migration to be text field instead of json field for compatibility with older mysql/mariadb

* Fix asset import regression matching email address.

* Rearrange travis order in attempt to fix null settings.

* Use auth::id instead of fetching it off the user.  Fixes a null object reference during seeding.
2017-06-21 16:37:37 -07:00
Wyatt 3e67cdc501 Allows a null location value for importing LDAP users (#3598)
* Allows a null location value for importing LDAP users

* Forgot you need to set the variable to null..
2017-06-01 21:20:40 -07:00
Daniel Meltzer e9b056f66c Importer fixes v2 (#3524)
* Pave the imports table

* Format error response if file is the wrong type.

* If a custom field doesn't exist, don't insert a blank string into the custom fields table

* CustomField::db_column_name can return the stored name in the db.  It's slugified when that value is set initially.  This fixes a weird issue where _1 was replaced with _xx
2017-05-03 12:14:35 -07:00
Kasey 5663429280 applying PR #3456 changes to develop branch (#3472)
* updating with changes made to master

apply PR # 3456 to develop as well

* updating develop with changes made to master

apply PR # 3456 to develop as well

* updating paveit with passport-created oauth tables
2017-03-31 15:43:37 -07:00
snipe af211c1203 Remove unused method 2017-01-25 03:10:44 -08:00
Richard Hofman c506f30562 Add support for location-specific LDAP OUs. (#3176)
* Add support for location-specific LDAP OUs.

* Shortened variable names as suggested by Codacy review.
2017-01-11 23:37:14 -08:00
Daniel Meltzer 44683c784f Importer: Add License Importer and refactor (#3143)
* Major code simplification of the importers.

Move towards using Model::fill and Model::update rather than reinventing
the wheel.  This makes the updating/creating logic a lot clearer, and
allows for the deletion of a lot of code.  Also allows for supporting of
more fields in the future really easily.

* Cleanup constructors and use setters instead.

* Set the LC_MONETARY locale, and use it to strip currency symbols in Helper::parseFloat()

* Move licenseseat creation/deletion logic into an event handler on the model rather than the controller.

* Move the logging of parsed values to array_smart_fetch rather than writing it out everywhere

* Move to storing dates as carbon rather than strings.  Allows for the parsing of more arbitrary strings from the importer

* Add a license importer with support for checking out to users or assets.

* Make a directory for sample/mock import csvs and populate it

* Adjust how we store/retrieve dates to fix some issues the tests found.
2017-01-10 16:19:18 -08:00
Daniel Meltzer 6ce20c32b1 Component Importer and various Importer Fixes (#3132)
* Importer fix: we were trimming the wrong part of the classname when creating a category.  This led to categories not being recognized.

* Add a component importer.  Uses same fields as consumable importer.  Only trick: If an asset_tag is present, we checkout a component to that asset on import

Enable component importer.  Also calculate the importer classname in a cleaner fashion.

* Fix comparisons.  find can return an index of 0, which is falsy.
2017-01-05 15:45:12 -08:00
Bob Clough f999c797e5 Allow a license to be pre-checked-out to an asset. (#3124)
Some licenses, such as windows licenses, are machine specific.  This
commit allows an extra field to be added to the license importer to
allow these licenses to be imported and attached directly to an asset
2017-01-03 16:55:21 -08:00
snipe 221cf1f9c8 Merge branch 'checkout-to-things-v1' of https://github.com/dmeltzer/snipe-it into dmeltzer-checkout-to-things-v1
# Conflicts:
#	app/Http/Controllers/AssetsController.php
#	app/Http/Controllers/ReportsController.php
#	app/Http/Controllers/UsersController.php
#	app/Presenters/AssetPresenter.php
2016-12-29 16:20:17 -08:00
snipe 51ceaedfaf Small phpcbf cleanup 2016-12-29 14:02:18 -08:00
Daniel Meltzer d262aec4c3 Save Progress. 2016-12-27 19:24:41 -05:00
Daniel Meltzer 57374955a8 Importer rework (#3100)
* Step 1 of refactoring importer to use separate classes.

* Port web importer.  Fix an issue with validation where index 0 would be treated as false and cause weird results.

* Farewall, AssetImport.  You've served us well.
2016-12-26 15:16:42 -08:00
Daniel Meltzer 61543f3a04 Add presenters for models. (#3098)
* Add presenters for models.  Move bootstrap table JSON generation to these presenters, which cleans up controllers a lot.  Move view specific modifications from the models to the presenters as well.

* Fix some issues found by travis and codacy

* Fix a few more issues found while testing.

* Attempt another acceptance test fix

* Try something else

* Maybe..
2016-12-23 17:52:00 -08:00
snipe d6b7036518 NOT FINISHED: Added case for component import
This is not finished. The actual component creation isn’t written yet
2016-12-22 16:06:55 -08:00
Daniel Meltzer cd8c585377 Discussion: Moving to policies for controller based authorization (#3080)
* Make delete routes work.  We put a little form in the modal that spoofs the delete field.

* Fix route on creating a user.

* Fix redundant id parameter.

* Port acceptance tests to new urls.

* Initial work on migrating to model based policies instead of global gates.  Will allow for much more detailed permissions bits in the future.

* This needs to stay for the dashboard checks.

* Add user states for permissions to build tests.

* Build up unit tests for gates/permissions.  Move accessories/consumables/assets to policies instead of in authserviceprovider

* Migrate various locations to new syntax.  Update test to be more specific

* Fix functional tests.

Add an artisan command for installing a settings setup on travis-ci

* Try a different id... Need to come up with a better way of passing the id for tests that need an existing one.

* Try to fix travis

* Update urls to use routes and not hardcode old paths.  Also fix some migration errors found along the way.:

* Add a environment for travis functional tests.

* Adjust config file to make travis use it.

* Use redirect()->route instead of redirect()-to

* Dump all failures in the output directory if travis fails.

* Cleanups and minor fixes.

* Adjust the supplier modelfactory to comply with new validation restrictions.

* Some test fixes.

* Locales can be longer than 5 characters according to faker... fex gez_ET.  Increase lenght in mysql and add a validation

* Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
snipe 1be22cf051 Improved versioning script 2016-12-01 02:53:41 -08:00
Daniel Meltzer d722ed3823 Partialize forms (#2884)
* Consolidate edit form elements into reusable partials.

This is a large code change that doesn't do much immediately.  It
refactors all of the various edit.blade.php files to reference
standardized partials, so that they all reference the same base html
layout. This has the side effect of moving everything to the new fancy
"required" indicators, and making things look consistent.

In addition, I've gone ahead and renamed a few database fields.  We had
Assetmodel::modelno and Consumable::model_no, I've renamed both to
model_number.  We had items using ::note and ::notes, I've standardized
on ::notes.  Component used total_qty where consumables and accessories
used qty, so I've moved everything to qty (And fixed a few bugs in the
helper file in the process.

TODO includes looking at how/where to place the modal javascripts to
allow for on the fly creation from all places, rather than just the
asset page.

Rename assetmodel::modelno to model_number for clarity and consistency

Rename consumable::model_no to model_number for clarity and consistency

Rename assetmodel::note to notes for clarity and consistency

Port asset and assetmodel to new partials layout.  Adapt all code to the renamed model_number and notes database changes.  Fix some stying.

* Share a settings variable with all views.

* Allow editing the per_page setting.  We showed the value, but we never showed it on the edit page..

* use snipeSettings in all views instead of the long ugly path.

* War on partials. Centralize all bootstrap table javascript

* Use model_number instead of modelno in importer

* Codacy fix.

* More unification/deduplication.  Create an edit form template layout that we use as the base for all edit forms.  This gives the same interface for editing everything and makes the edit.blade.* files much easier to read.

* Use a ViewComposer instead of sharing the variable directly.  Fixes artisan optimize trying to hit the db--which ruins new installs

* Fix DB seeder.

* Base sql dump and csv's to import data from for tests.

* Start some functional tests for creating items.

* Add functional tests for all create methods.  Still need to do tests for edits, deletes, and lots of other things

* Improvements to functional tests.

Use the built in DB seeding mechanism instead of doing it ourselves.
Break the tests into multiple units, rather than testing everything in
each function.

* Some improvements to acceptance tests.

Make sure we're only looking at the "trs" within the bootstrap table.
Creation of assets is now tested at the functional level (and is faster)
so ignore it here.

I'm testing acceptance tests with the
IMPORT_{ASSETS,ACCESSORIES,CONSUMABLES}.csv in the tests/_data folder
imported.

* A few things to make acceptance tests work.  Add a name to the companies table, and make the locations table have the correct name

* Use a .env.tests file for testing functional and unit to allow a separate database.

* Add functional tests for compoents, groups, and licenses.

* Now that the config is in the functional.yml, this just confuses things.

* Start some functional tests for creating items.

* Add functional tests for all create methods.  Still need to do tests for edits, deletes, and lots of other things

* Improvements to functional tests.

Use the built in DB seeding mechanism instead of doing it ourselves.
Break the tests into multiple units, rather than testing everything in
each function.

* Some improvements to acceptance tests.

Make sure we're only looking at the "trs" within the bootstrap table.
Creation of assets is now tested at the functional level (and is faster)
so ignore it here.

I'm testing acceptance tests with the
IMPORT_{ASSETS,ACCESSORIES,CONSUMABLES}.csv in the tests/_data folder
imported.

* update db dump

* Update tests to new reality

* env for the test setup

* only load the database at beginning of tests, not between each Functional test.

* Fix a miss from renaming note to notes.

* Set Termination date when creating an asset.  It was only set on edit.

* Rename serial_number to serial in components for consistency.

* Update validation rules to match limits in database.  Currently we just accepted the values and they were truncated when adding to DB.

* Much more detailed functional testing of creating items.  This checks to make sure all values on form have been successfully persisted to database.
2016-11-16 16:56:57 -08:00
snipe a182d8c924 Fixes #1348 - LDAP sync in artisan command
TODO:

Make the LDAP sync page work using this command to avoid code duplication
2016-10-31 20:59:46 -07:00
Daniel Meltzer a418dece80 Better checking for empty values when updating. (#2811)
* Better checking for empty values when updating.  There's a lot of conditionals in here that we may want to look at cleaning up over time

* Fix typo.  No manfacturers here.

* Fix model update/import.  Also hardcode the status id of unset assets to the first existing one instead of an id that may not exist... Still not ideal, but better.

* Let requests to .env through the middleware.  We check to see if this is readable during setup as a warning, and as it stands it triggers an infinite loop trying to hit the file.
2016-10-25 19:51:13 -07:00
snipe 59ce46dce7 Merge branch 'hotfixes/use_modelno_if_no_name_in_import' into develop 2016-10-25 03:53:45 -07:00
snipe 2dbd1089f5 Use model number if model name is blank 2016-10-25 03:53:19 -07:00
Daniel Meltzer e85241af6a Log checkouts (#2772)
* Ensure the log has a target before trying to fetch the associated company

* Log creation of items, both in importer and manually
2016-10-12 18:45:32 -07:00
Andrés Núñez 40f00665b3 Translate emails (#2652)
* commit temporal

* final translation commit -- added email translations

* final translation commit -- removed file for spanish translations

* final translation commit -- removed file for spanish translations

* added missing translations

* method overrided and config files back to default

* config files back to default

* config files back to default
2016-09-26 14:13:07 -07:00
snipe bd5e6d8551 Add reply-to config setting 2016-09-20 07:20:10 -07:00
Daniel Meltzer e86adccf19 Actionlog Class: Improvements and polymorphism (#2561)
* Save progress

* Create a new action_log table to replace asset_log.  Use Polymorphism to generalize class and targets.  Port everything I can find to use it.  Add a migration to port the asset_logs table to action_logs.

* Allow accepted_id to be nullable.

* Comment out the thread_id migration, because it b0rks on a new database with the move.  I'm unsure if the thread_id does anything...It doesn't seem to be used

* Clean up all old methods from Actionlog model.  Port everything to use new cleaner interface.

* Port the actionlog factory to fix travis.

* Adjust code to work on php5.  Also fix lurking adminlog call.

* Remove weird code

* Port the pave command.  Also fix dangling adminlog
2016-09-06 19:39:42 -07:00
snipe 2cfb015b1a Removed extra debugging info 2016-08-29 23:13:30 -07:00
snipe e4dcd47d6c Fix UTF-8 issues in imports 2016-08-29 22:57:48 -07:00
Daniel Meltzer 276e0a7114 Importer: Implement item update and interface improvments (#2507)
* Add support for updating assets to the importer.

If an asset with a matching asset tag is found, and the --update flag is
passed to the importer, we edit the matching asset with any
asset-specific values, and persist to the database.  Any missing/blank
values are skipped.

TODO: Add to web interface, add support in consumables/accessories

* Allow deleting of files on the import page.

* Extend web interface to allow updating of imported items.

This adds a modal dialog to the import process.  Currently the dialog
allows the choice of update vs ignore, and choosing the item type to
import (Accessory, Asset, Consumable).

Also use Helper::ParseFloat() for purchase_cost processing.  It exists,
and fixes issues on my end at least.

* Implement editing of consumables and accessories.

* Rename getProcessImportFile to postProcessImportFile to reflect how it's now used

* Fix copy-pasta error.
2016-08-29 15:49:32 -07:00
snipe 4cf2d16c7a Temp fix for number import on cost 2016-08-23 19:01:40 -07:00
snipe be8049b41a Include asset maintenances in purge 2016-08-18 07:06:15 -07:00
snipe 6fe639f490 Skip email if no email domain is given 2016-08-02 12:30:02 -07:00
snipe a5467ba25d Slug the username to handle spaces, etc. 2016-08-02 11:12:28 -07:00
snipe 987b969e88 Move bcrypt out of loop for object importer 2016-07-25 22:31:33 -07:00
snipe e256bdc9f7 Clearer version in footer 2016-07-21 21:39:23 -07:00
snipe 2e6e0e8911 Fixed versioning path 2016-07-21 21:30:49 -07:00
snipe 52425f62c5 Set default values for status labels in import 2016-07-19 15:49:04 -07:00
Daniel Meltzer 68d8e6a3a9 Importer again (#2260)
* Quote item names when displaying in error table.

* Remove the danger class as well as the warning class when uploading a file.  Fixes a display error if a file is successful after a file fails upload.
2016-07-18 15:46:03 -07:00
snipe 8d71e6b268 Fixed indenting 2016-07-09 18:20:57 -07:00
Daniel Meltzer 25b916afeb Show the name of the item with errors in the table. 2016-06-22 17:09:04 -04:00
snipe 4ed8ff5576 Formatting fixes for coding standards 2016-06-22 12:27:41 -07:00
snipe 8942e085c3 Merge pull request #2189 from dmeltzer/importer-improvements
Two more importer fixes.
2016-06-22 12:20:13 -07:00
Daniel Meltzer eba6574047 Add a space to the signature to make the --soft option work. 2016-06-22 15:13:43 -04:00
Daniel Meltzer 43e64a5f8c Store a list of errors associated with each field instead of overwriting the error if multiple occur. Also Adjust the importer to extract the asset tag earlier in the process so all asset related errors are associated with the asset tag rather than some being tied to the name. 2016-06-22 15:13:01 -04:00
snipe 49bf9f8b5b Switch null to lowercase for code style adherence 2016-06-21 11:06:53 -07:00
Daniel Meltzer d6dd449445 Only show importer progress if on command line. It broke error display from web. 2016-06-20 00:09:17 -04:00
Daniel Meltzer 8c00bad6d0 Add a check to ensure custom fields exist before iterating through them 2016-06-20 00:09:17 -04:00
Daniel Meltzer 4715cc6447 Pass user id to importer. This shows items imported through web interface as created by the appropriate user. Also save warranty_months to item, not just read it from csv. Fixes #2175 2016-06-20 00:09:17 -04:00
snipe b4d6842a7c Minor formatting changes, added DB call for custom fields 2016-06-13 21:45:52 -07:00
snipe f3e42384c5 Hardcoded higher PHP execution limits 2016-06-13 21:41:09 -07:00
snipe 6fa4d1252d Fixes purchase date if no purchase date given 2016-06-10 05:00:49 -07:00
snipe bbb116f29c Fixes #2142 2016-06-09 12:25:51 -07:00
Daniel Meltzer 6ba37a3a8d Add a 'soft' delete option to the pave tool. This leaves db structure and migrations in place but removes everything inside the db except the first user. 2016-06-05 10:24:42 -05:00
snipe 9f6eb02afc Don't purge users where show_in_list = 1
This is necessary so hosted customers can't hard-delete my account :-/
2016-06-03 12:13:59 -07:00
Daniel Meltzer da01591ab8 Case insensitive string comparison for items when comparing with existing items. Fixes some false errors. Also remove stray characters from manufacturer logging. 2016-06-01 19:31:24 -05:00
Daniel Meltzer a729038ccd Fix typo. 2016-05-31 19:00:11 -05:00
Daniel Meltzer dab2a50982 Only display errors in import table if things actually prevent the asset from being created. Also some table formatting improvements. 2016-05-31 18:04:01 -05:00
Daniel Meltzer 004c63cd5d Improve web imported. Show a list of all items with that were not imported correctly after import. Modify ObjectImporter and add a web-import parameter that causes it to spit out json errors exclusively. Long term I want to separate the console command and the logic so we aren't calling the console command directly, but rather a class that does everything. This would allow for easier progress reports and ajaxification. 2016-05-26 21:29:29 -05:00
Daniel Meltzer 891c37b2ed Add warranty months. Also fix a merge issue where things reverted back to comment instead of log. 2016-05-25 21:13:26 -05:00
Daniel Meltzer e353df588f Importer improvements. If user real name doesn't exist don't try to create the user. 2016-05-25 20:47:46 -05:00
Daniel Meltzer fd0d04eba4 Import status labels. 2016-05-25 20:46:01 -05:00
Daniel Meltzer 22c6f32e92 Instead of a field in the csv, set whether assets, consumables, or accessories are generated by an option on the command line. Also Adjustconsumables/accessories to function smoother. 2016-05-25 20:37:19 -05:00
Daniel Meltzer 04428d2d07 Replace console output in ObjectImporter with a logging mechanism. Also track all model/validation errors and output them at the end of the import, rather than inline. 2016-05-25 20:37:19 -05:00
snipe 64d818e56e Fixed License and LicenseSeat namespaces for importer 2016-05-24 02:17:10 -07:00
snipe d6715914e1 Fixed supplier namespace 2016-05-24 02:13:28 -07:00
snipe f10b3b7cdb Fix for license importer 2016-05-24 01:51:47 -07:00
snipe 2b1bf9f7f3 Merge branch 'v3' of github.com:snipe/snipe-it into v3 2016-05-19 19:34:11 -07:00
snipe 15eb6df1db Add settings for alert interval threshold and inventory threshold 2016-05-19 19:33:53 -07:00
Daniel Meltzer 592ce4c2de Readd sample.csv. Also port away from Sentry in the importer to be laravel5 compliant. 2016-05-18 23:33:18 -05:00
Daniel Meltzer 4f70fa88d9 Rename to snipeit:import 2016-05-18 22:40:02 -05:00
Daniel Meltzer 173c3de36a Add the asset to the cache after creating it as well. 2016-05-18 22:40:02 -05:00
Daniel Meltzer 2a56148ec2 Remove extraneuous htmlentities() calls, now that we call it in array_smart_fetch 2016-05-18 22:40:02 -05:00
Daniel Meltzer df749f26f5 Add the company/suppliers to the cache. This fixes some issues with duplicate items existing 2016-05-18 22:40:02 -05:00
Daniel Meltzer 191ae110d0 * Alphabetize the createOrFetch methods
* Move the html escaping to array_smart_fetch to avoid duplication
* Ensure string comparisons have === everywhere
2016-05-18 22:40:02 -05:00
Daniel Meltzer 5821127a79 Update/port ObjectImportComandd to work with v3. Also change to do one big transactional commit instead of writing to db after each item. Went from a 2 minute import to a 5 second import for a 2000 item file. I still need to do some more santization of the input and work on error handling, but this seems to be in decent shape. 2016-05-18 22:40:02 -05:00
snipe beed74c0d0 Add extra tables for drop 2016-05-14 15:04:51 -07:00
snipe 252b114b5f Fixed case sensitive model for status labels 2016-05-12 17:23:51 -07:00
snipe b9b8149234 Minor backups fixes 2016-05-12 16:20:23 -07:00
snipe 8dc0dc0a07 Update permissions for cli user tool 2016-04-28 20:56:27 -07:00
snipe 7b489ad1ec Ability to suppress users from checkoutable list 2016-04-28 20:19:22 -07:00
snipe 32c193b9bf [Bugfix] Fixed Mail namespace 2016-04-23 04:02:52 -07:00
snipe c3b7332e3b [Bugfix] Fixed Mail namespace 2016-04-23 04:02:40 -07:00
snipe 599066cbde Use error method to highlight errors in import console 2016-04-19 04:36:25 -07:00
snipe 49c09dd356 Added ability to purge soft-deletes from admin 2016-04-19 04:36:07 -07:00
snipe 18869550a7 Fixed stray quotes 2016-04-19 02:28:54 -07:00
snipe 9de2725de0 More purge fixes 2016-04-19 01:38:11 -07:00
snipe a8ff632740 Fixes asset purge 2016-04-19 01:27:04 -07:00
snipe 74400eb9a1 Purge function to delete all soft-deleted items 2016-04-19 00:47:54 -07:00
snipe 4161a8af29 Change snipe-it commands to use common namespace 2016-04-19 00:47:32 -07:00
snipe f1ad5461d8 Feature: Artisan command to allow you to disable LDAP in case you lock yourself out. 2016-04-14 11:59:01 -07:00
snipe 2b74fd86cb Trying to fix backup script
This is still broken, but I will come back to it
2016-03-25 17:21:01 -07:00
snipe fe00b0e401 Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00