mirror of
https://github.com/snipe/snipe-it.git
synced 2024-11-13 17:14:10 -08:00
6756dd193e
Cleaning up routes to match laravel-scim-server's recommended implementation Some actually *working* changes for SCIM support?! Whoops, forgot my route file Fix public SCIM routes Removed Ziggy, removed old generated file, yanked Ziggy references Resolves the first set of comments for SCIM Ensure all /api routes have baseUrl prepended Fix the parent:: call to be, uh, actually correct :P Clarify the route-ordering, as it is quite tricky This gets it so that users can actually be saved.. Work around the lack of callbacks with some inheritance Mapped a bunch more fields from SCIM into Snipe-IT's user table More baseUrl shenanigans since we yanked Ziggy :/ Properly map job title and work with some other necessary attributes Map more fields... Finalized basic mapping for core and enterprise namespaces Latest tuned settings for SCIM config to work with Azure (and others)
434 lines
16 KiB
PHP
Executable file
434 lines
16 KiB
PHP
Executable file
<?php
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| DO NOT EDIT THIS FILE DIRECTLY.
|
|
|--------------------------------------------------------------------------
|
|
| This file reads from your .env configuration file and should not
|
|
| be modified directly.
|
|
*/
|
|
|
|
return [
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Application Name
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This value is the name of your application. This value is used when the
|
|
| framework needs to place the application's name in a notification or
|
|
| any other location as required by the application or its packages.
|
|
*/
|
|
|
|
'name' => env('SITE_NAME', 'Snipe-IT'),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Application Environment
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This value determines the "environment" your application is currently
|
|
| running in. This may determine how you prefer to configure various
|
|
| services your application utilizes. Set this in your ".env" file.
|
|
|
|
|
*/
|
|
|
|
'env' => env('APP_ENV', 'production'),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Result Limit
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This value determines the max number of results to return, even if a higher limit
|
|
| is passed in the API request. This is done to prevent server timeouts when
|
|
| custom scripts are requesting 100k assets at a time.
|
|
|
|
|
*/
|
|
|
|
'max_results' => env('MAX_RESULTS', 500),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Application Debug Mode
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| When your application is in debug mode, detailed error messages with
|
|
| stack traces will be shown on every error that occurs within your
|
|
| application. If disabled, a simple generic error page is shown.
|
|
|
|
|
*/
|
|
|
|
'debug' => env('APP_DEBUG', false),
|
|
'warn_debug' => env('WARN_DEBUG', true),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Application URL
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This URL is used by the console to properly generate URLs when using
|
|
| the Artisan command line tool. You should set this to the root of
|
|
| your application so that it is used when running Artisan tasks.
|
|
|
|
|
*/
|
|
|
|
'url' => env('APP_URL', 'http://localhost'),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Application Timezone
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Here you may specify the default timezone for your application, which
|
|
| will be used by the PHP date and date-time functions. We have gone
|
|
| ahead and set this to a sensible default for you out of the box.
|
|
|
|
|
*/
|
|
|
|
'timezone' => env('APP_TIMEZONE', 'UTC'),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Application Locale Configuration
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| The application locale determines the default locale that will be used
|
|
| by the translation service provider. You are free to set this value
|
|
| to any of the locales which will be supported by the application.
|
|
|
|
|
*/
|
|
|
|
'locale' => env('APP_LOCALE', 'en'),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Application Fallback Locale
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| The fallback locale determines the locale to use when the current one
|
|
| is not available. You may change the value to correspond to any of
|
|
| the language folders that are provided through your application.
|
|
|
|
|
*/
|
|
|
|
'fallback_locale' => 'en',
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Encryption Key
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This key is used by the Illuminate encrypter service and should be set
|
|
| to a random, 32 character string, otherwise these encrypted strings
|
|
| will not be safe. Please do this before deploying an application!
|
|
|
|
|
*/
|
|
|
|
'key' => env('APP_KEY'),
|
|
|
|
'cipher' => env('APP_CIPHER', 'AES-256-CBC'),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Logging Configuration
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Here you may configure the log settings for your application. Out of
|
|
| the box, Laravel uses the Monolog PHP logging library. This gives
|
|
| you a variety of powerful log handlers / formatters to utilize.
|
|
|
|
|
| Available Settings: "single", "daily", "syslog", "errorlog"
|
|
|
|
|
*/
|
|
|
|
'log' => env('APP_LOG', 'single'),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Logging Max Files
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| When using the daily log mode, Laravel will only retain 5
|
|
| days of log files by default.
|
|
|
|
|
| To change this, set the APP_LOG_MAX_FILES option in your .env.
|
|
|
|
|
*/
|
|
|
|
'log_max_files' => env('APP_LOG_MAX_FILES', 5),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Logging Detail
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| By default, Laravel writes all log levels to storage. However, in your
|
|
| production environment, you may wish to configure the minimum severity that
|
|
| should be logged by editing your APP_LOG_LEVEL env config.
|
|
|
|
|
| Laravel will log all levels greater than or equal to the specified severity.
|
|
| For example, a default log_level of error will log error, critical, alert,
|
|
| and emergency messages.
|
|
|
|
|
| APP_LOG_LEVEL options are:
|
|
| "debug", "info", "notice", "warning", "error", "critical", "alert", "emergency"
|
|
|
|
|
*/
|
|
|
|
'log_level' => env('APP_LOG_LEVEL', 'error'),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Default Storage path for private uploads
|
|
|--------------------------------------------------------------------------
|
|
| This is the path for any uploaded files that have to be run through the
|
|
| auth system to ensure they are not visible to the public. These should be
|
|
| stored somewhere outside of the web root so that an unauthenticated user
|
|
| cannot access them.
|
|
|
|
|
| For example: license keys, contracts, etc.
|
|
|
|
|
*/
|
|
|
|
'private_uploads' => storage_path().'/private_uploads',
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| ALLOW I-FRAMING
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Normal users will never need to edit this. This option lets you run
|
|
| Snipe-IT within an I-Frame, which is normally disabled by default for
|
|
| security reasons, to prevent clickjacking. It should normally be set to false.
|
|
|
|
|
*/
|
|
|
|
'allow_iframing' => env('ALLOW_IFRAMING', false),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| ENABLE HTTP Strict Transport Security (HSTS)
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This is set to default false for backwards compatibilty but should be
|
|
| set to true if the hosting environment allows it.
|
|
|
|
|
| See https://scotthelme.co.uk/hsts-the-missing-link-in-tls/
|
|
|
|
|
*/
|
|
|
|
'enable_hsts' => env('ENABLE_HSTS', false),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| REFERRER-POLICY
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This is an additional security header that browsers use to determine
|
|
| whether they should report back URL referrer information.
|
|
|
|
|
| Read more: https://www.w3.org/TR/referrer-policy/
|
|
|
|
|
*/
|
|
|
|
'referrer_policy' => env('REFERRER_POLICY', 'same-origin'),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| CSP
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Disable the content security policy that restricts what scripts, images
|
|
| and styles can load. (This should be left as false if you don't know
|
|
| what this means.)
|
|
|
|
|
| Read more: https://www.w3.org/TR/CSP/
|
|
| Read more: https://content-security-policy.com
|
|
|
|
|
*/
|
|
|
|
'enable_csp' => env('ENABLE_CSP', false),
|
|
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Require SAML Login
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Disable the ability to login via form login, and disables the 'nosaml'
|
|
| workaround. It requires all logins to process via SAML login.
|
|
| (This is for high security setups. If your SAML configuration is not
|
|
| working, this option should be set to false. This option is not needed
|
|
| to successfully configure SAML authentication.)
|
|
|
|
|
*/
|
|
|
|
'require_saml' => env('REQUIRE_SAML', false),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Demo Mode Lockdown
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Normal users will never need to edit this. This option lets you run a
|
|
| version of Snipe-IT with limited functionality to prevent demo abuse.
|
|
|
|
|
*/
|
|
|
|
'lock_passwords' => env('APP_LOCKED', false),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Minimum PHP version
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Do not change this variable.
|
|
|
|
|
*/
|
|
|
|
'min_php' => '7.2.5',
|
|
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Autoloaded Service Providers
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| The service providers listed here will be automatically loaded on the
|
|
| request to your application. Feel free to add your own services to
|
|
| this array to grant expanded functionality to your applications.
|
|
|
|
|
*/
|
|
|
|
'providers' => [
|
|
|
|
/*
|
|
* Laravel Framework Service Providers...
|
|
*/
|
|
Illuminate\Auth\AuthServiceProvider::class,
|
|
Illuminate\Broadcasting\BroadcastServiceProvider::class,
|
|
Illuminate\Bus\BusServiceProvider::class,
|
|
Illuminate\Cache\CacheServiceProvider::class,
|
|
Illuminate\Foundation\Providers\ConsoleSupportServiceProvider::class,
|
|
Illuminate\Cookie\CookieServiceProvider::class,
|
|
Illuminate\Database\DatabaseServiceProvider::class,
|
|
Illuminate\Encryption\EncryptionServiceProvider::class,
|
|
Illuminate\Filesystem\FilesystemServiceProvider::class,
|
|
Illuminate\Foundation\Providers\FoundationServiceProvider::class,
|
|
Illuminate\Hashing\HashServiceProvider::class,
|
|
Illuminate\Mail\MailServiceProvider::class,
|
|
Illuminate\Notifications\NotificationServiceProvider::class,
|
|
Illuminate\Pagination\PaginationServiceProvider::class,
|
|
Illuminate\Pipeline\PipelineServiceProvider::class,
|
|
Illuminate\Queue\QueueServiceProvider::class,
|
|
Illuminate\Redis\RedisServiceProvider::class,
|
|
Illuminate\Auth\Passwords\PasswordResetServiceProvider::class,
|
|
Illuminate\Session\SessionServiceProvider::class,
|
|
Illuminate\Translation\TranslationServiceProvider::class,
|
|
Illuminate\Validation\ValidationServiceProvider::class,
|
|
Illuminate\View\ViewServiceProvider::class,
|
|
Barryvdh\DomPDF\ServiceProvider::class,
|
|
|
|
/*
|
|
* Package Service Providers...
|
|
*/
|
|
|
|
Intervention\Image\ImageServiceProvider::class,
|
|
Collective\Html\HtmlServiceProvider::class,
|
|
Spatie\Backup\BackupServiceProvider::class,
|
|
Fideloper\Proxy\TrustedProxyServiceProvider::class,
|
|
PragmaRX\Google2FALaravel\ServiceProvider::class,
|
|
Laravel\Passport\PassportServiceProvider::class,
|
|
Laravel\Tinker\TinkerServiceProvider::class,
|
|
Unicodeveloper\DumbPassword\DumbPasswordServiceProvider::class,
|
|
Eduardokum\LaravelMailAutoEmbed\ServiceProvider::class,
|
|
|
|
/*
|
|
* Application Service Providers...
|
|
*/
|
|
App\Providers\AppServiceProvider::class,
|
|
App\Providers\AuthServiceProvider::class,
|
|
App\Providers\EventServiceProvider::class,
|
|
App\Providers\RouteServiceProvider::class,
|
|
App\Providers\SettingsServiceProvider::class,
|
|
App\Providers\ValidationServiceProvider::class,
|
|
|
|
/*
|
|
* Custom service provider
|
|
*/
|
|
App\Providers\MacroServiceProvider::class,
|
|
App\Providers\SamlServiceProvider::class,
|
|
|
|
],
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Class Aliases
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This array of class aliases will be registered when this application
|
|
| is started. However, feel free to register as many as you wish as
|
|
| the aliases are "lazy" loaded so they don't hinder performance.
|
|
|
|
|
*/
|
|
|
|
'aliases' => [
|
|
|
|
'App' => Illuminate\Support\Facades\App::class,
|
|
'Artisan' => Illuminate\Support\Facades\Artisan::class,
|
|
'Auth' => Illuminate\Support\Facades\Auth::class,
|
|
'Blade' => Illuminate\Support\Facades\Blade::class,
|
|
'Bus' => Illuminate\Support\Facades\Bus::class,
|
|
'Cache' => Illuminate\Support\Facades\Cache::class,
|
|
'Config' => Illuminate\Support\Facades\Config::class,
|
|
'Cookie' => Illuminate\Support\Facades\Cookie::class,
|
|
'Crypt' => Illuminate\Support\Facades\Crypt::class,
|
|
'Date' => Illuminate\Support\Facades\Date::class,
|
|
'DB' => Illuminate\Support\Facades\DB::class,
|
|
'Eloquent' => Illuminate\Database\Eloquent\Model::class,
|
|
'Event' => Illuminate\Support\Facades\Event::class,
|
|
'File' => Illuminate\Support\Facades\File::class,
|
|
'Gate' => Illuminate\Support\Facades\Gate::class,
|
|
'Hash' => Illuminate\Support\Facades\Hash::class,
|
|
'Lang' => Illuminate\Support\Facades\Lang::class,
|
|
'Log' => Illuminate\Support\Facades\Log::class,
|
|
'Mail' => Illuminate\Support\Facades\Mail::class,
|
|
'Notification' => Illuminate\Support\Facades\Notification::class,
|
|
'Password' => Illuminate\Support\Facades\Password::class,
|
|
'PDF' => Barryvdh\DomPDF\Facade::class,
|
|
'Queue' => Illuminate\Support\Facades\Queue::class,
|
|
'Redirect' => Illuminate\Support\Facades\Redirect::class,
|
|
'Redis' => Illuminate\Support\Facades\Redis::class,
|
|
'Request' => Illuminate\Support\Facades\Request::class,
|
|
'Response' => Illuminate\Support\Facades\Response::class,
|
|
'Route' => Illuminate\Support\Facades\Route::class,
|
|
'Schema' => Illuminate\Support\Facades\Schema::class,
|
|
'Session' => Illuminate\Support\Facades\Session::class,
|
|
'Storage' => Illuminate\Support\Facades\Storage::class,
|
|
'URL' => Illuminate\Support\Facades\URL::class,
|
|
'Validator' => Illuminate\Support\Facades\Validator::class,
|
|
'View' => Illuminate\Support\Facades\View::class,
|
|
'Form' => Collective\Html\FormFacade::class,
|
|
'Html' => Collective\Html\HtmlFacade::class,
|
|
'Google2FA' => PragmaRX\Google2FALaravel\Facade::class,
|
|
'Image' => Intervention\Image\ImageServiceProvider::class,
|
|
'Carbon' => Carbon\Carbon::class,
|
|
'Helper' => App\Helpers\Helper::class, // makes it much easier to use 'Helper::blah' in blades (which is where we usually use this)
|
|
|
|
|
|
],
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| API Throttling
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This value determines the number of API requests permitted per minute
|
|
|
|
|
*/
|
|
|
|
'api_throttle_per_minute' => env('API_THROTTLE_PER_MINUTE', 120),
|
|
|
|
];
|