mirror of
https://github.com/snipe/snipe-it.git
synced 2025-03-05 20:52:15 -08:00
9c8ca6af21
commite321aeabaeMerge:8ec99ff4337568ae9eAuthor: snipe <snipe@snipe.net> Date: Mon Aug 31 12:14:44 2020 -0700 Merge branch 'master' into integrations/2020-08-31-v5-rc # Conflicts: # .all-contributorsrc # .nvmrc # README.md # app/Console/Commands/LdapSync.php # app/Http/Controllers/Api/ConsumablesController.php # app/Http/Controllers/Api/ImportController.php # app/Http/Controllers/Assets/AssetsController.php # app/Http/Controllers/Auth/LoginController.php # app/Http/Controllers/CustomFieldsetsController.php # app/Http/Controllers/LicensesController.php # app/Http/Controllers/UsersController.php # app/Importer/import_mappings.md # app/Models/Ldap.php # app/Models/Loggable.php # composer.json # composer.lock # config/version.php # public/css/build/all.css # public/css/dist/all.css # public/css/skins/skin-contrast.css # public/css/skins/skin-contrast.css.map # public/js/build/all.js # public/js/build/vue.js # public/js/build/vue.js.map # public/js/dist/all.js # public/mix-manifest.json # resources/assets/js/components/importer/importer-file.vue # resources/assets/less/overrides.less # resources/macros/macros.php # resources/views/custom_fields/fieldsets/view.blade.php # resources/views/hardware/edit.blade.php # resources/views/hardware/labels.blade.php # resources/views/hardware/view.blade.php # resources/views/layouts/default.blade.php # resources/views/modals/model.blade.php # resources/views/modals/user.blade.php # resources/views/users/index.blade.php # routes/api.php # routes/web/fields.php # tests/unit/UserTest.php commit37568ae9ecMerge:01a83216932ad9050cAuthor: snipe <snipe@snipe.net> Date: Tue Aug 25 20:49:37 2020 -0700 Merge pull request #8365 from snipe/fixes/8338_google_maps_CSP Fixed #8338 - Added google maps to CSP commit32ad9050cfAuthor: snipe <snipe@snipe.net> Date: Tue Aug 25 20:48:53 2020 -0700 Added google maps to CSP commit01a832169cMerge:bcad49ce73c6883489Author: snipe <snipe@snipe.net> Date: Tue Aug 25 20:38:31 2020 -0700 Merge pull request #8364 from snipe/fixes/8335_assigned_to_null_on_status_assetlist Fixed #8335 - added assignedTo scope on status labels API call for assetlist commit3c6883489cAuthor: snipe <snipe@snipe.net> Date: Tue Aug 25 20:37:30 2020 -0700 Added assignedTo scope commitbcad49ce79Author: snipe <snipe@snipe.net> Date: Fri Aug 14 16:10:22 2020 -0700 Try to better handle slack “too many requests” issue commitb5acca89d7Author: snipe <snipe@snipe.net> Date: Fri Aug 14 16:02:15 2020 -0700 Check for admin for slack notifications commite52919cf1bMerge:714576be429f3a5c48Author: snipe <snipe@snipe.net> Date: Fri Aug 14 15:35:15 2020 -0700 Merge pull request #8327 from snipe/features/checkin_license_from_all_users Checkin license from all users cli tool commit29f3a5c48fAuthor: snipe <snipe@snipe.net> Date: Fri Aug 14 15:27:40 2020 -0700 Use more verbose annotation for Auth::user if/else commit134e8e6fb9Author: snipe <snipe@snipe.net> Date: Fri Aug 14 15:25:07 2020 -0700 Moved user email nulling until after the save commit714576be45Merge:b999c50a2512899294Author: Brady Wetherington <bwetherington@grokability.com> Date: Fri Aug 14 15:24:03 2020 -0700 Merge pull request #8328 from snipe/fix_deprecation_report Fix deprecation report for customers with many active assets commit5128992940Author: Brady Wetherington <uberbrady@gmail.com> Date: Fri Aug 14 15:03:03 2020 -0700 Fix deprecation report for customers with many active assets commit0291323502Author: snipe <snipe@snipe.net> Date: Fri Aug 14 14:57:58 2020 -0700 Use the user as the target commite0f6f9b839Author: snipe <snipe@snipe.net> Date: Fri Aug 14 14:43:37 2020 -0700 Artisan command to check in licenses from all users commitf1a6308002Author: snipe <snipe@snipe.net> Date: Fri Aug 14 14:43:07 2020 -0700 Check for Auth::user before trying to log id (for cli) commitb999c50a2eMerge:9ca20e496e3906b245Author: snipe <snipe@snipe.net> Date: Wed Aug 12 12:37:47 2020 -0700 Merge pull request #8316 from Godmartinz/bug/ch15028/missing-or-incorrect-error-message-translation Looks great, thank you! commite3906b245cAuthor: Godfrey M <godmartinz@gmail.com> Date: Wed Aug 12 12:27:18 2020 -0700 added translation for admin/licenses/message.not_found commit9ca20e4964Merge:e0644dbbf456a74d88Author: Brady Wetherington <bwetherington@grokability.com> Date: Tue Aug 11 17:33:19 2020 -0700 Merge pull request #8313 from snipe/improve_ldap_search_error_reporting Improve ldap search error reporting commit456a74d88cAuthor: Brady Wetherington <uberbrady@gmail.com> Date: Tue Aug 11 16:41:20 2020 -0700 De-merge out incorrectly merged files. Whoops! commit799c059070Author: Brady Wetherington <uberbrady@gmail.com> Date: Tue Aug 11 16:21:18 2020 -0700 Add internationalized version of LDAP error message commitc62d43a778Author: Brady Wetherington <uberbrady@gmail.com> Date: Mon Aug 10 17:04:17 2020 -0700 Improve Exception management in Artisan LDAP Sync method. Still need to localize this better commitb725bd0faeAuthor: Brady Wetherington <uberbrady@gmail.com> Date: Mon Aug 10 17:23:04 2020 -0700 Add @PeterUpfold as a contributor commite0644dbbf6Merge:5b6925b00004ecad05Author: Brady Wetherington <bwetherington@grokability.com> Date: Mon Aug 10 17:22:31 2020 -0700 Merge pull request #8105 from PeterUpfold/PeterUpfold-7661workaround Propose workaround for #7661 — suppress E_DEPRECATED on ldap_control_paged_result() commit5b6925b00cAuthor: snipe <snipe@snipe.net> Date: Tue Aug 4 21:00:37 2020 -0700 Removed debugging :( commitdf17a859bfAuthor: snipe <snipe@snipe.net> Date: Tue Aug 4 20:59:54 2020 -0700 Changed modal IDs so manager creation modal works on user creation main page commit24c43056baAuthor: snipe <snipe@snipe.net> Date: Tue Aug 4 20:58:28 2020 -0700 Moved pGenerator script to default layout footer This fixes an issue where the password generator wouldn’t load in a modal in Chrome commit606b7e905dAuthor: snipe <snipe@snipe.net> Date: Fri Jul 31 17:02:33 2020 -0700 Small edits to PR template Slight text changes to ask specifics about versions commitd73ddad477Author: snipe <snipe@snipe.net> Date: Fri Jul 31 16:59:26 2020 -0700 Created a PR template First draft of the PR guidelines template commit9a39cf721eMerge:7410b16838994f3e15Author: snipe <snipe@snipe.net> Date: Fri Jul 31 12:18:49 2020 -0700 Merge pull request #8258 from ballertv/features/consumable-api This looks great, thank you! commit7410b16835Merge:e955c983ab09e7d19bAuthor: Brady Wetherington <bwetherington@grokability.com> Date: Fri Jul 24 16:22:44 2020 -0700 Merge pull request #8270 from snipe/improve_ad_useraccountcontrol_v4 Add new useraccountcontrol value for valid AD users commit8994f3e15eAuthor: andres <andresgutierrez535@gmail.com> Date: Wed Jul 22 19:57:06 2020 -0400 cleanup commitd23f1a77caAuthor: andres <andresgutierrez535@gmail.com> Date: Wed Jul 22 18:46:02 2020 -0400 implement checkout API commite955c983a3Merge:2fa17ac18eed41e454Author: snipe <snipe@snipe.net> Date: Wed Jul 22 13:43:29 2020 -0700 Merge pull request #8250 from snipe/features/adds_addr_city_state_to_importer Added address, city, state and country to importer and city to bulk editor commitb09e7d19b3Author: Brady Wetherington <uberbrady@gmail.com> Date: Wed Jul 22 13:32:16 2020 -0700 Add new useraccountcontrol value for valid AD users; document algorithm and values commit2fa17ac185Merge:b905154373b1e46f72Author: snipe <snipe@snipe.net> Date: Wed Jul 22 12:06:31 2020 -0700 Merge pull request #8254 from Godmartinz/gmartinez_adds_email_formats Added firstinitial.lastname, lastname_firstinitial, firstnamelastname… commit3b1e46f72bAuthor: Godfrey Martinez <47435081+Godmartinz@users.noreply.github.com> Date: Wed Jul 22 11:25:57 2020 -0700 Update general.php commit0c1a1de2a2Author: Godfrey Martinez <47435081+Godmartinz@users.noreply.github.com> Date: Wed Jul 22 11:24:36 2020 -0700 Update general.php fixed typo commit20c9ae5818Author: Godfrey M <godmartinz@gmail.com> Date: Wed Jul 22 10:21:19 2020 -0700 Added firstinitial.lastname, lastname_firstinitial, firstnamelastname and firstnamelastinitial to username formats commiteed41e4549Author: snipe <snipe@snipe.net> Date: Tue Jul 21 16:57:32 2020 -0700 Moved address down further, fixed broken HTML commitb750f4754fAuthor: snipe <snipe@snipe.net> Date: Tue Jul 21 16:49:54 2020 -0700 Added city to bulk user importer commitc17a06792aAuthor: snipe <snipe@snipe.net> Date: Tue Jul 21 16:49:38 2020 -0700 Added address, city, state, country to user importer commit4f76cc6cfbAuthor: snipe <snipe@snipe.net> Date: Tue Jul 21 16:46:13 2020 -0700 I don’t actually know what this file is for commitb905154373Author: snipe <snipe@snipe.net> Date: Mon Jul 20 14:29:32 2020 -0700 Fixed #8247 - added notes field to user details display commitdaf748e531Author: snipe <snipe@snipe.net> Date: Fri Jul 17 12:32:01 2020 -0700 Bumped hash commit799a93c46aAuthor: snipe <snipe@snipe.net> Date: Fri Jul 17 12:11:32 2020 -0700 Allow for email/username search on users commit34aa12e229Merge:81a633288897757bd0Author: snipe <snipe@snipe.net> Date: Thu Jul 16 17:44:13 2020 -0700 Merge pull request #8239 from snipe/fixes/api_rtd_to_location_on_create Set location_id to rtd_location_id on asset creation commit897757bd04Author: snipe <snipe@snipe.net> Date: Thu Jul 16 17:43:44 2020 -0700 Removed added line for location commitc7125c3937Author: snipe <snipe@snipe.net> Date: Thu Jul 16 16:34:39 2020 -0700 Set location_id to rtd_location_id on asset creation commit81a6332889Author: snipe <snipe@snipe.net> Date: Tue Jul 14 13:55:38 2020 -0700 Removed license ID from seats table cookie info This typically wouldn’t be necessary, since most people would want to view the same *types* of data across licenses commit6e563f6e4bMerge:5320f5c677f69ae953Author: snipe <snipe@snipe.net> Date: Mon Jul 13 21:16:54 2020 -0700 Merge branch 'master' of https://github.com/snipe/snipe-it commit5320f5c67cAuthor: snipe <snipe@snipe.net> Date: Mon Jul 13 21:16:45 2020 -0700 Disallow non-super users from editing their own permissions commit7f69ae953bMerge:c79f8c1ba17f6fbabfAuthor: snipe <snipe@snipe.net> Date: Mon Jul 13 21:16:00 2020 -0700 Merge pull request #8227 from snipe/fix_select2_ajax_pulldowns Changes how we do AJAX calls via Select2 for dynamic drop-down menus commit17f6fbabfaAuthor: Brady Wetherington <uberbrady@gmail.com> Date: Mon Jul 13 21:12:03 2020 -0700 Switch to 'items' to maintain compatbility with other internal API's commitc79f8c1bafMerge:12c92e30b536401fe0Author: snipe <snipe@snipe.net> Date: Mon Jul 13 17:42:16 2020 -0700 Merge pull request #8207 from EDVLeer/patch-1 Update snipeit.sh commite7a820f7c9Author: Brady Wetherington <uberbrady@gmail.com> Date: Mon Jul 13 17:14:31 2020 -0700 Changes how we do AJAX calls via Select2 for dynamic drop-down menus commit12c92e30b7Author: snipe <snipe@snipe.net> Date: Fri Jul 10 16:21:27 2020 -0700 Show whether or not the user was imported via LDAP in the view page commitfd10b755b0Author: snipe <snipe@snipe.net> Date: Fri Jul 10 11:30:01 2020 -0700 Removed the sr-only tag in table headers It was breaking Bootstrap Tables column selector :( commitdbbb7680d9Author: snipe <snipe@snipe.net> Date: Thu Jul 9 21:12:50 2020 -0700 A few more fixes for the cli Do not check out a piece of software if it’s already been checked out to the user commitcf0dd5bbadAuthor: snipe <snipe@snipe.net> Date: Thu Jul 9 20:43:13 2020 -0700 Small fixes for cli tool commit25e53d8c7fMerge:ec6ed256f89d433b41Author: snipe <snipe@snipe.net> Date: Thu Jul 9 20:27:01 2020 -0700 Merge pull request #8216 from snipe/features/checkout_license_to_all_users Added CLI tool to checkout license to all users commit89d433b41aAuthor: snipe <snipe@snipe.net> Date: Thu Jul 9 20:26:02 2020 -0700 Removed duplicate seat call commite2570ada6fAuthor: snipe <snipe@snipe.net> Date: Thu Jul 9 20:04:05 2020 -0700 CLI tool to checkout a license to ALL users commit45afe725a1Author: snipe <snipe@snipe.net> Date: Thu Jul 9 20:03:47 2020 -0700 Only try to get the company if there is an auth’d user (Needed for command line tools, where no Auth::user() is present) commit536401fe0fAuthor: EDVLeer <32170051+EDVLeer@users.noreply.github.com> Date: Tue Jul 7 08:21:36 2020 +0200 Update snipeit.sh Ubuntu 20.04 commitec6ed256fbAuthor: snipe <snipe@snipe.net> Date: Mon Jul 6 18:45:43 2020 -0700 Bumped minor version commit2aaa7bed2dMerge:339bdddc3cc9f1577aAuthor: snipe <snipe@snipe.net> Date: Thu Jun 25 18:37:41 2020 -0700 Merge pull request #8183 from snipe/features/merge_users Added merge utility commitcc9f1577a4Author: snipe <snipe@snipe.net> Date: Thu Jun 25 17:43:53 2020 -0700 Removed unused use directives commitab1fe8be0cAuthor: snipe <snipe@snipe.net> Date: Thu Jun 25 17:42:39 2020 -0700 Added merge utility commit339bdddc38Author: snipe <snipe@snipe.net> Date: Thu Jun 25 11:00:33 2020 -0700 Fix for Vue js not loading due to CSP :( commit35b9cf4b70Author: snipe <snipe@snipe.net> Date: Tue Jun 23 02:41:59 2020 -0700 Fixed missing db prefix on scopeDueOrOverdueForAudit commit7ccb41371eAuthor: snipe <snipe@snipe.net> Date: Tue Jun 23 01:09:39 2020 -0700 Removed unoptimized images directive securityheaders.com is claiming it’s onrecognized, even though I got that directive from their site, so… whatever. ¯\_(ツ)_/¯ commit2e60a457bfAuthor: snipe <snipe@snipe.net> Date: Tue Jun 23 01:07:00 2020 -0700 Dumb fix for feature-policy being dumb. commit2390d2160bMerge:b42801f6a00b051b8cAuthor: snipe <snipe@snipe.net> Date: Tue Jun 23 00:27:47 2020 -0700 Merge pull request #8164 from snipe/features/additional_security_headers Additional security headers commit00b051b8c7Author: snipe <snipe@snipe.net> Date: Tue Jun 23 00:26:09 2020 -0700 Added a few more comments commit05b3a9ad7eAuthor: snipe <snipe@snipe.net> Date: Mon Jun 22 23:17:27 2020 -0700 Config variable for HSTS commit4fb880384fAuthor: snipe <snipe@snipe.net> Date: Mon Jun 22 22:37:14 2020 -0700 Changed comment commit43042ad841Author: snipe <snipe@snipe.net> Date: Mon Jun 22 22:35:59 2020 -0700 Consolidated ReferrerPolicy into new SecurityHeaders file commita716382ac4Author: snipe <snipe@snipe.net> Date: Mon Jun 22 22:33:37 2020 -0700 Removed CSP middleware (it’s added in the general header) commit36c8f7f4f1Author: snipe <snipe@snipe.net> Date: Mon Jun 22 22:31:01 2020 -0700 Additional security headers commitb42801f6aeMerge:de4934f21946129f20Author: snipe <snipe@snipe.net> Date: Mon Jun 22 20:47:35 2020 -0700 Merge pull request #8163 from snipe/fixes/fix-for-css-on-column-selector Fixed weird padlock display in asset listing with encrypted custom fields commit946129f206Author: snipe <snipe@snipe.net> Date: Mon Jun 22 20:45:20 2020 -0700 Made quote style consistent commitb941ef1e08Author: snipe <snipe@snipe.net> Date: Mon Jun 22 20:41:40 2020 -0700 Pulled CSS font awesome styles out of the blade and into overrides.css commitd1aa11ec89Author: snipe <snipe@snipe.net> Date: Mon Jun 22 20:29:19 2020 -0700 Fix for weird padlock display in asset listing with encrypted custom fields commitde4934f21dMerge:af06e4205b10076b01Author: snipe <snipe@snipe.net> Date: Mon Jun 22 17:28:38 2020 -0700 Merge pull request #8162 from Godmartinz/godfreymartinez-ghi-font-size-of-qr_text Fixed #8161 and #8114 - font-size for labels used static values in blade instead of using values from settings commitb10076b015Author: Godfrey M <godmartinz@gmail.com> Date: Mon Jun 22 17:04:39 2020 -0700 corrected an error where font-size for labels were static in settings. commitaf06e42056Author: snipe <snipe@snipe.net> Date: Wed Jun 17 11:17:25 2020 -0700 Bumped version commit9a2440dc4bMerge:beae8efb22ac1c1636Author: snipe <snipe@snipe.net> Date: Tue Jun 16 20:20:07 2020 -0700 Merge pull request #8141 from snipe/fixes/better_handling_when_license_is_invalid Better handle the logic to determine if we should display the license checkout blade [ch13792] commit2ac1c1636cAuthor: snipe <snipe@snipe.net> Date: Tue Jun 16 16:12:57 2020 -0700 Better handle the logic to determine if we should display the license checkout blade commit004ecad059Author: Peter Upfold <pgithub@upfold.org.uk> Date: Wed Jun 3 08:59:50 2020 +0100 Force suppress deprecation warning on ldap_control_paged_result() commitbeae8efb21Merge:d14ab7e3e9839e5e56Author: snipe <snipe@snipe.net> Date: Wed May 27 23:01:33 2020 -0700 Merge pull request #8088 from Godmartinz/Label_Woes Barcode resizing and text adjustment commit9839e5e566Author: Godfrey M <godmartinz@gmail.com> Date: Wed May 27 12:27:40 2020 -0700 adjusted for all label text, removed local variable commitd14ab7e3e1Author: snipe <snipe@snipe.net> Date: Wed May 27 00:22:44 2020 -0700 Porting change from #8053 to master Signed-off-by: snipe <snipe@snipe.net> commite7f74d94c1Author: Godfrey M <godmartinz@gmail.com> Date: Tue May 26 17:22:45 2020 -0700 Label_Woes commite97cf011b6Author: Godfrey M <godmartinz@gmail.com> Date: Tue May 26 17:15:39 2020 -0700 Label_Woes commited23505054Author: Godfrey M <godmartinz@gmail.com> Date: Tue May 26 17:10:45 2020 -0700 Label_Woes commit001e721530Merge:f886837668210da6e8Author: snipe <snipe@snipe.net> Date: Wed May 20 10:21:52 2020 -0700 Merge pull request #8063 from dmeltzer/backport-8092 BACKPORT: Fix Missing Category selection in Asset Model Modal dialog - [ch14635] commit8210da6e82Author: Daniel Meltzer <dmeltzer.devel@gmail.com> Date: Wed May 20 10:29:27 2020 -0400 Fix Missing Category selection in Asset Model Modal dialog. A select html tag needs a full closing tag. is not valid. This was causing the select2 js to barf and eat additional information. commitf88683766bAuthor: snipe <snipe@snipe.net> Date: Thu May 14 00:55:47 2020 -0700 Roll back previous change Signed-off-by: snipe <snipe@snipe.net> commite4385c0f8cAuthor: snipe <snipe@snipe.net> Date: Thu May 14 00:48:30 2020 -0700 Fixes #8051 regression Signed-off-by: snipe <snipe@snipe.net> commit0550fe0ffaAuthor: snipe <snipe@snipe.net> Date: Tue May 12 10:31:54 2020 -0700 Fix for session fixation vulnerability Signed-off-by: snipe <snipe@snipe.net> commit7fb3a9b82cMerge:9a2ed804cecb1e87feAuthor: snipe <snipe@snipe.net> Date: Mon May 11 22:41:36 2020 -0700 Merge pull request #8043 from snipe/features/backup-optional-in-import-and-ldap Added option to disable backup in import commitecb1e87fe6Author: snipe <snipe@snipe.net> Date: Mon May 11 20:45:15 2020 -0700 Updated assets Signed-off-by: snipe <snipe@snipe.net> commitf43df5f041Author: snipe <snipe@snipe.net> Date: Mon May 11 20:44:46 2020 -0700 Fixed form label Signed-off-by: snipe <snipe@snipe.net> commit95cc48e422Author: snipe <snipe@snipe.net> Date: Mon May 11 20:41:10 2020 -0700 Added option to disable backup in import Signed-off-by: snipe <snipe@snipe.net> commit9a2ed804caAuthor: snipe <snipe@snipe.net> Date: Mon May 11 20:28:42 2020 -0700 Fixed mismatched HTML header tags Signed-off-by: snipe <snipe@snipe.net> commitd20fad28e5Author: snipe <snipe@snipe.net> Date: Mon May 11 20:28:24 2020 -0700 Use more modern request helper Signed-off-by: snipe <snipe@snipe.net> commitae813ddf75Author: snipe <snipe@snipe.net> Date: Mon May 11 18:11:16 2020 -0700 Add @alek13 as a contributor commitbb42109c0cAuthor: snipe <snipe@snipe.net> Date: Mon May 11 18:10:45 2020 -0700 Added a clarifying comment Signed-off-by: snipe <snipe@snipe.net> commitf46ecf8ec0Author: snipe <snipe@snipe.net> Date: Mon May 11 18:07:20 2020 -0700 Updated composer lock Signed-off-by: snipe <snipe@snipe.net> commitb9e821c0e6Author: snipe <snipe@snipe.net> Date: Mon May 11 18:07:14 2020 -0700 Small fix for Group Functional Tests Signed-off-by: snipe <snipe@snipe.net> commit9ee28c7513Author: snipe <snipe@snipe.net> Date: Mon May 11 18:07:02 2020 -0700 Switched to use info instead of danger on undeployable statuses Signed-off-by: snipe <snipe@snipe.net> commit1a8ba06702Merge:0fd232e70ee4d69b1cAuthor: snipe <snipe@snipe.net> Date: Mon May 11 17:53:32 2020 -0700 Merge branch 'master' of https://github.com/snipe/snipe-it commit0fd232e70dAuthor: snipe <snipe@snipe.net> Date: Mon May 11 17:53:24 2020 -0700 Fixed group functional test (We had changed the minimum to 2 instead of 3) Signed-off-by: snipe <snipe@snipe.net> commitee4d69b1c5Merge:31c535094d1ad11194Author: snipe <snipe@snipe.net> Date: Mon May 11 17:52:45 2020 -0700 Merge pull request #8041 from alek13/patch-1 use supported package for slack commitd1ad111949Author: Alexander Chibrikin <alek13.me@gmail.com> Date: Mon May 11 20:31:13 2020 +0300 use supported package for slack see https://github.com/maknz/slack/issues/94 commit31c5350941Author: snipe <snipe@snipe.net> Date: Fri May 1 01:05:48 2020 -0700 Fixed incorrect route for groups edit Signed-off-by: snipe <snipe@snipe.net> commit7eb70e17e0Merge:5bb4f271a3dfcb4699Author: snipe <snipe@snipe.net> Date: Fri Apr 24 04:50:37 2020 -0700 Merge pull request #7993 from snipe/fixes/7989_column_selector Fixed #7989 - Converted table heading icons in People to CSS glyphs commit3dfcb46991Author: snipe <snipe@snipe.net> Date: Fri Apr 24 04:41:08 2020 -0700 Minor formatting changes Signed-off-by: snipe <snipe@snipe.net> commit96eb96f964Author: snipe <snipe@snipe.net> Date: Fri Apr 24 04:27:00 2020 -0700 Removed stray val (typo) Signed-off-by: snipe <snipe@snipe.net> commita2f08bd3baAuthor: snipe <snipe@snipe.net> Date: Fri Apr 24 04:08:54 2020 -0700 Added comments Signed-off-by: snipe <snipe@snipe.net> commite009fbe59fAuthor: snipe <snipe@snipe.net> Date: Fri Apr 24 04:04:53 2020 -0700 Converted table heading icons in People to CSS glyphs Signed-off-by: snipe <snipe@snipe.net> commit5bb4f271aaAuthor: snipe <snipe@snipe.net> Date: Fri Apr 24 00:47:19 2020 -0700 Fixed #7987 - allow toggle of required/optional in custom fields/fieldsets Signed-off-by: snipe <snipe@snipe.net>
474 lines
14 KiB
PHP
474 lines
14 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\Auth;
|
|
|
|
use App\Http\Controllers\Controller;
|
|
use App\Models\Setting;
|
|
use App\Models\User;
|
|
use App\Services\LdapAd;
|
|
use App\Services\Saml;
|
|
use Com\Tecnick\Barcode\Barcode;
|
|
use Google2FA;
|
|
use Illuminate\Foundation\Auth\ThrottlesLogins;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Carbon;
|
|
use Illuminate\Support\Facades\Auth;
|
|
use Illuminate\Support\Facades\Session;
|
|
use Illuminate\Support\Facades\Validator;
|
|
use Log;
|
|
use Redirect;
|
|
|
|
/**
|
|
* This controller handles authentication for the user, including local
|
|
* database users and LDAP users.
|
|
*
|
|
* @author [A. Gianotto] [<snipe@snipe.net>]
|
|
* @version v1.0
|
|
*/
|
|
class LoginController extends Controller
|
|
{
|
|
|
|
use ThrottlesLogins;
|
|
|
|
// This tells the auth controller to use username instead of email address
|
|
protected $username = 'username';
|
|
|
|
/**
|
|
* Where to redirect users after login / registration.
|
|
*
|
|
* @var string
|
|
*/
|
|
protected $redirectTo = '/';
|
|
|
|
/**
|
|
* @var LdapAd
|
|
*/
|
|
protected $ldap;
|
|
|
|
/**
|
|
* @var Saml
|
|
*/
|
|
protected $saml;
|
|
|
|
/**
|
|
* Create a new authentication controller instance.
|
|
*
|
|
* @param LdapAd $ldap
|
|
* @param Saml $saml
|
|
*
|
|
* @return void
|
|
*/
|
|
public function __construct(LdapAd $ldap, Saml $saml)
|
|
{
|
|
parent::__construct();
|
|
$this->middleware('guest', ['except' => ['logout','postTwoFactorAuth','getTwoFactorAuth','getTwoFactorEnroll']]);
|
|
Session::put('backUrl', \URL::previous());
|
|
$this->ldap = $ldap;
|
|
$this->saml = $saml;
|
|
}
|
|
|
|
function showLoginForm(Request $request)
|
|
{
|
|
$this->loginViaRemoteUser($request);
|
|
$this->loginViaSaml($request);
|
|
if (Auth::check()) {
|
|
return redirect()->intended('/');
|
|
}
|
|
|
|
if ($this->saml->isEnabled() && Setting::getSettings()->saml_forcelogin == "1" && !($request->has('nosaml') || $request->session()->has('error'))) {
|
|
return redirect()->route('saml.login');
|
|
}
|
|
|
|
if (Setting::getSettings()->login_common_disabled == "1") {
|
|
return view('errors.403');
|
|
}
|
|
|
|
return view('auth.login');
|
|
}
|
|
|
|
/**
|
|
* Log in a user by SAML
|
|
*
|
|
* @author Johnson Yi <jyi.dev@outlook.com>
|
|
*
|
|
* @since 5.0.0
|
|
*
|
|
* @param Request $request
|
|
*
|
|
* @return User
|
|
*
|
|
* @throws \Exception
|
|
*/
|
|
private function loginViaSaml(Request $request)
|
|
{
|
|
$saml = $this->saml;
|
|
$samlData = $request->session()->get('saml_login');
|
|
if ($saml->isEnabled() && !empty($samlData)) {
|
|
try {
|
|
LOG::debug("Attempting to log user in by SAML authentication.");
|
|
$user = $saml->samlLogin($samlData);
|
|
if(!is_null($user)) {
|
|
Auth::login($user, true);
|
|
} else {
|
|
$username = $saml->getUsername();
|
|
LOG::debug("SAML user '$username' could not be found in database.");
|
|
$request->session()->flash('error', trans('auth/message.signin.error'));
|
|
$saml->clearData();
|
|
}
|
|
|
|
if ($user = Auth::user()) {
|
|
$user->last_login = \Carbon::now();
|
|
$user->save();
|
|
}
|
|
} catch (\Exception $e) {
|
|
LOG::debug("There was an error authenticating the SAML user: " . $e->getMessage());
|
|
throw new \Exception($e->getMessage());
|
|
}
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Log in a user by LDAP
|
|
*
|
|
* @author Wes Hulette <jwhulette@gmail.com>
|
|
*
|
|
* @since 5.0.0
|
|
*
|
|
* @param Request $request
|
|
*
|
|
* @return User
|
|
*
|
|
* @throws \Exception
|
|
*/
|
|
private function loginViaLdap(Request $request): User
|
|
{
|
|
try {
|
|
return $this->ldap->ldapLogin($request->input('username'), $request->input('password'));
|
|
} catch (\Exception $ex) {
|
|
LOG::debug("LDAP user login: " . $ex->getMessage());
|
|
throw new \Exception($ex->getMessage());
|
|
}
|
|
}
|
|
|
|
private function loginViaRemoteUser(Request $request)
|
|
{
|
|
$header_name = Setting::getSettings()->login_remote_user_header_name ?: 'REMOTE_USER';
|
|
$remote_user = $request->server($header_name);
|
|
if (Setting::getSettings()->login_remote_user_enabled == "1" && isset($remote_user) && !empty($remote_user)) {
|
|
Log::debug("Authenticating via HTTP header $header_name.");
|
|
|
|
$pos = strpos($remote_user, '\\');
|
|
if ($pos > 0) {
|
|
$remote_user = substr($remote_user, $pos + 1);
|
|
};
|
|
|
|
try {
|
|
$user = User::where('username', '=', $remote_user)->whereNull('deleted_at')->where('activated', '=', '1')->first();
|
|
Log::debug("Remote user auth lookup complete");
|
|
if(!is_null($user)) Auth::login($user, true);
|
|
} catch(Exception $e) {
|
|
Log::debug("There was an error authenticating the Remote user: " . $e->getMessage());
|
|
}
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Account sign in form processing.
|
|
*
|
|
* @return Redirect
|
|
*/
|
|
public function login(Request $request)
|
|
{
|
|
if (Setting::getSettings()->login_common_disabled == "1") {
|
|
return view('errors.403');
|
|
}
|
|
|
|
$validator = $this->validator($request->all());
|
|
|
|
if ($validator->fails()) {
|
|
return redirect()->back()->withInput()->withErrors($validator);
|
|
}
|
|
|
|
$this->maxLoginAttempts = config('auth.throttle.max_attempts');
|
|
$this->lockoutTime = config('auth.throttle.lockout_duration');
|
|
|
|
if ($lockedOut = $this->hasTooManyLoginAttempts($request)) {
|
|
$this->fireLockoutEvent($request);
|
|
return $this->sendLockoutResponse($request);
|
|
}
|
|
|
|
$user = null;
|
|
|
|
// Should we even check for LDAP users?
|
|
if ($this->ldap->init()) {
|
|
LOG::debug("LDAP is enabled.");
|
|
try {
|
|
LOG::debug("Attempting to log user in by LDAP authentication.");
|
|
$user = $this->loginViaLdap($request);
|
|
Auth::login($user, true);
|
|
|
|
// If the user was unable to login via LDAP, log the error and let them fall through to
|
|
// local authentication.
|
|
} catch (\Exception $e) {
|
|
Log::debug("There was an error authenticating the LDAP user: ".$e->getMessage());
|
|
}
|
|
}
|
|
|
|
// If the user wasn't authenticated via LDAP, skip to local auth
|
|
if (!$user) {
|
|
Log::debug("Authenticating user against database.");
|
|
// Try to log the user in
|
|
if (!Auth::attempt(['username' => $request->input('username'), 'password' => $request->input('password'), 'activated' => 1], $request->input('remember'))) {
|
|
|
|
if (!$lockedOut) {
|
|
$this->incrementLoginAttempts($request);
|
|
}
|
|
|
|
Log::debug("Local authentication failed.");
|
|
return redirect()->back()->withInput()->with('error', trans('auth/message.account_not_found'));
|
|
} else {
|
|
|
|
$this->clearLoginAttempts($request);
|
|
}
|
|
}
|
|
|
|
if ($user = Auth::user()) {
|
|
$user->last_login = \Carbon::now();
|
|
$user->save();
|
|
}
|
|
// Redirect to the users page
|
|
return redirect()->intended()->with('success', trans('auth/message.signin.success'));
|
|
}
|
|
|
|
|
|
/**
|
|
* Two factor enrollment page
|
|
*
|
|
* @return Redirect
|
|
*/
|
|
public function getTwoFactorEnroll()
|
|
{
|
|
|
|
// Make sure the user is logged in
|
|
if (!Auth::check()) {
|
|
return redirect()->route('login')->with('error', trans('auth/general.login_prompt'));
|
|
}
|
|
|
|
|
|
$settings = Setting::getSettings();
|
|
$user = Auth::user();
|
|
|
|
// We wouldn't normally see this page if 2FA isn't enforced via the
|
|
// \App\Http\Middleware\CheckForTwoFactor middleware AND if a device isn't enrolled,
|
|
// but let's check check anyway in case there's a browser history or back button thing.
|
|
// While you can access this page directly, enrolling a device when 2FA isn't enforced
|
|
// won't cause any harm.
|
|
|
|
if (($user->two_factor_secret!='') && ($user->two_factor_enrolled==1)) {
|
|
return redirect()->route('two-factor')->with('error', trans('auth/message.two_factor.already_enrolled'));
|
|
}
|
|
|
|
$secret = Google2FA::generateSecretKey();
|
|
$user->two_factor_secret = $secret;
|
|
$user->save();
|
|
|
|
$barcode = new Barcode();
|
|
$barcode_obj =
|
|
$barcode->getBarcodeObj(
|
|
'QRCODE',
|
|
sprintf(
|
|
'otpauth://totp/%s:%s?secret=%s&issuer=Snipe-IT&period=30',
|
|
urlencode($settings->site_name),
|
|
urlencode($user->username),
|
|
urlencode($secret)
|
|
),
|
|
300,
|
|
300,
|
|
'black',
|
|
[-2, -2, -2, -2]
|
|
);
|
|
|
|
return view('auth.two_factor_enroll')->with('barcode_obj', $barcode_obj);
|
|
}
|
|
|
|
|
|
/**
|
|
* Two factor code form page
|
|
*
|
|
* @return Redirect
|
|
*/
|
|
public function getTwoFactorAuth()
|
|
{
|
|
// Check that the user is logged in
|
|
if (!Auth::check()) {
|
|
return redirect()->route('login')->with('error', trans('auth/general.login_prompt'));
|
|
}
|
|
|
|
$user = Auth::user();
|
|
|
|
// Check whether there is a device enrolled.
|
|
// This *should* be handled via the \App\Http\Middleware\CheckForTwoFactor middleware
|
|
// but we're just making sure (in case someone edited the database directly, etc)
|
|
if (($user->two_factor_secret=='') || ($user->two_factor_enrolled!=1)) {
|
|
return redirect()->route('two-factor-enroll');
|
|
}
|
|
|
|
return view('auth.two_factor');
|
|
}
|
|
|
|
/**
|
|
* Two factor code submission
|
|
*
|
|
* @param Request $request
|
|
*
|
|
* @return Redirect
|
|
*/
|
|
public function postTwoFactorAuth(Request $request)
|
|
{
|
|
|
|
if (!Auth::check()) {
|
|
return redirect()->route('login')->with('error', trans('auth/general.login_prompt'));
|
|
}
|
|
|
|
if (!$request->filled('two_factor_secret')) {
|
|
return redirect()->route('two-factor')->with('error', trans('auth/message.two_factor.code_required'));
|
|
}
|
|
|
|
if (!$request->has('two_factor_secret')) {
|
|
return redirect()->route('two-factor')->with('error', 'Two-factor code is required.');
|
|
}
|
|
|
|
$user = Auth::user();
|
|
$secret = $request->input('two_factor_secret');
|
|
|
|
if (Google2FA::verifyKey($user->two_factor_secret, $secret)) {
|
|
$user->two_factor_enrolled = 1;
|
|
$user->save();
|
|
$request->session()->put('2fa_authed', 'true');
|
|
return redirect()->route('home')->with('success', 'You are logged in!');
|
|
}
|
|
|
|
return redirect()->route('two-factor')->with('error', trans('auth/message.two_factor.invalid_code'));
|
|
|
|
|
|
}
|
|
|
|
|
|
/**
|
|
* Logout page.
|
|
*
|
|
* @param Request $request
|
|
*
|
|
* @return Redirect
|
|
*/
|
|
public function logout(Request $request)
|
|
{
|
|
$settings = Setting::getSettings();
|
|
$saml = $this->saml;
|
|
$sloRedirectUrl = null;
|
|
$sloRequestUrl = null;
|
|
|
|
if ($saml->isEnabled()) {
|
|
$auth = $saml->getAuth();
|
|
$sloRedirectUrl = $request->session()->get('saml_slo_redirect_url');
|
|
|
|
if (!empty($auth->getSLOurl()) && $settings->saml_slo == '1' && $saml->isAuthenticated() && empty($sloRedirectUrl)) {
|
|
$sloRequestUrl = $auth->logout(null, array(), $saml->getNameId(), $saml->getSessionIndex(), true, $saml->getNameIdFormat(), $saml->getNameIdNameQualifier(), $saml->getNameIdSPNameQualifier());
|
|
}
|
|
|
|
$saml->clearData();
|
|
}
|
|
|
|
if (!empty($sloRequestUrl)) {
|
|
return redirect()->away($sloRequestUrl);
|
|
}
|
|
|
|
$request->session()->regenerate(true);
|
|
|
|
$request->session()->regenerate(true);
|
|
Auth::logout();
|
|
|
|
if (!empty($sloRedirectUrl)) {
|
|
return redirect()->away($sloRedirectUrl);
|
|
}
|
|
|
|
$customLogoutUrl = $settings->login_remote_user_custom_logout_url ;
|
|
if ($settings->login_remote_user_enabled == '1' && $customLogoutUrl != '') {
|
|
return redirect()->away($customLogoutUrl);
|
|
}
|
|
|
|
return redirect()->route('login')->with(['success' => trans('auth/message.logout.success'), 'loggedout' => true]);
|
|
}
|
|
|
|
|
|
/**
|
|
* Get a validator for an incoming registration request.
|
|
*
|
|
* @param array $data
|
|
* @return \Illuminate\Contracts\Validation\Validator
|
|
*/
|
|
protected function validator(array $data)
|
|
{
|
|
return Validator::make($data, [
|
|
'username' => 'required',
|
|
'password' => 'required',
|
|
]);
|
|
}
|
|
|
|
|
|
public function username()
|
|
{
|
|
return 'username';
|
|
}
|
|
|
|
/**
|
|
* Redirect the user after determining they are locked out.
|
|
*
|
|
* @param \Illuminate\Http\Request $request
|
|
* @return \Illuminate\Http\RedirectResponse
|
|
*/
|
|
protected function sendLockoutResponse(Request $request)
|
|
{
|
|
$seconds = $this->limiter()->availableIn(
|
|
$this->throttleKey($request)
|
|
);
|
|
|
|
$minutes = round($seconds / 60);
|
|
|
|
$message = \Lang::get('auth/message.throttle', ['minutes' => $minutes]);
|
|
|
|
return redirect()->back()
|
|
->withInput($request->only($this->username(), 'remember'))
|
|
->withErrors([$this->username() => $message]);
|
|
}
|
|
|
|
|
|
/**
|
|
* Override the lockout time and duration
|
|
*
|
|
* @param \Illuminate\Http\Request $request
|
|
* @return bool
|
|
*/
|
|
protected function hasTooManyLoginAttempts(Request $request)
|
|
{
|
|
$lockoutTime = config('auth.throttle.lockout_duration');
|
|
$maxLoginAttempts = config('auth.throttle.max_attempts');
|
|
|
|
return $this->limiter()->tooManyAttempts(
|
|
$this->throttleKey($request),
|
|
$maxLoginAttempts,
|
|
$lockoutTime
|
|
);
|
|
}
|
|
|
|
public function legacyAuthRedirect() {
|
|
return redirect()->route('login');
|
|
}
|
|
|
|
public function redirectTo()
|
|
{
|
|
return Session::get('backUrl') ? Session::get('backUrl') : $this->redirectTo;
|
|
}
|
|
|
|
}
|