snipe-it/routes/web.php

575 lines
18 KiB
PHP

<?php
use App\Http\Controllers\Account;
use App\Http\Controllers\ActionlogController;
use App\Http\Controllers\CategoriesController;
use App\Http\Controllers\CompaniesController;
use App\Http\Controllers\DashboardController;
use App\Http\Controllers\DepartmentsController;
use App\Http\Controllers\DepreciationsController;
use App\Http\Controllers\GroupsController;
use App\Http\Controllers\HealthController;
use App\Http\Controllers\ImportsController;
use App\Http\Controllers\LabelsController;
use App\Http\Controllers\LocationsController;
use App\Http\Controllers\ManufacturersController;
use App\Http\Controllers\ModalController;
use App\Http\Controllers\ProfileController;
use App\Http\Controllers\ReportsController;
use App\Http\Controllers\SettingsController;
use App\Http\Controllers\StatuslabelsController;
use App\Http\Controllers\SuppliersController;
use App\Http\Controllers\ViewAssetsController;
use App\Http\Controllers\Auth\LoginController;
use App\Http\Controllers\Auth\ForgotPasswordController;
use App\Http\Controllers\Auth\ResetPasswordController;
use App\Livewire\Importer;
use App\Models\Accessory;
use App\Models\Asset;
use App\Models\User;
use Illuminate\Support\Facades\Route;
use Illuminate\Support\Facades\Auth;
Route::group(['middleware' => 'auth'], function () {
/*
* Companies
*/
Route::resource('companies', CompaniesController::class, [
'parameters' => ['company' => 'company_id'],
]);
/*
* Categories
*/
Route::resource('categories', CategoriesController::class, [
'parameters' => ['category' => 'category_id'],
]);
/*
* Labels
*/
Route::get(
'labels/{labelName}',
[LabelsController::class, 'show']
)->where('labelName', '.*')->name('labels.show');
/*
* Locations
*/
Route::get('/test-email', function() {
$item = Accessory::find(1); // Load some test data
$admin = User::find(1);
$target = User::find(2);
$acceptance = null; // Simulate acceptance data
$note = 'Test note';
$fields = [];
if (($item->model) && ($item->model->fieldset)) {
$fields = $item->model->fieldset->fields;
}
return new \App\Mail\CheckinAccessoryMail(
$item,
$admin,
$target,
$note);
});
Route::group(['prefix' => 'locations', 'middleware' => ['auth']], function () {
Route::post(
'bulkdelete',
[LocationsController::class, 'postBulkDelete']
)->name('locations.bulkdelete.show');
Route::post(
'bulkedit',
[LocationsController::class, 'postBulkDeleteStore']
)->name('locations.bulkdelete.store');
Route::post(
'{location}/restore',
[LocationsController::class, 'postRestore']
)->name('locations.restore');
Route::get('{locationId}/clone',
[LocationsController::class, 'getClone']
)->name('clone/location');
Route::get(
'{locationId}/printassigned',
[LocationsController::class, 'print_assigned']
)->name('locations.print_assigned');
Route::get(
'{locationId}/printallassigned',
[LocationsController::class, 'print_all_assigned']
)->name('locations.print_all_assigned');
});
Route::resource('locations', LocationsController::class, [
'parameters' => ['location' => 'location_id'],
]);
/*
* Manufacturers
*/
Route::group(['prefix' => 'manufacturers', 'middleware' => ['auth']], function () {
Route::post('{manufacturers_id}/restore', [ManufacturersController::class, 'restore'] )->name('restore/manufacturer');
});
Route::resource('manufacturers', ManufacturersController::class, [
'parameters' => ['manufacturer' => 'manufacturers_id'],
]);
/*
* Suppliers
*/
Route::resource('suppliers', SuppliersController::class, [
'parameters' => ['supplier' => 'supplier_id'],
]);
/*
* Depreciations
*/
Route::resource('depreciations', DepreciationsController::class, [
'parameters' => ['depreciation' => 'depreciation_id'],
]);
/*
* Status Labels
*/
Route::resource('statuslabels', StatuslabelsController::class, [
'parameters' => ['statuslabel' => 'statuslabel_id'],
]);
/*
* Departments
*/
Route::resource('departments', DepartmentsController::class, [
'parameters' => ['department' => 'department_id'],
]);
});
/*
|
|--------------------------------------------------------------------------
| Re-Usable Modal Dialog routes.
|--------------------------------------------------------------------------
|
| Routes for various modal dialogs to interstitially create various things
|
*/
Route::group(['middleware' => 'auth', 'prefix' => 'modals'], function () {
Route::get('{type}/{itemId?}', [ModalController::class, 'show'] )->name('modal.show');
});
/*
|--------------------------------------------------------------------------
| Log Routes
|--------------------------------------------------------------------------
|
| Register all the admin routes.
|
*/
Route::group(['middleware' => 'auth'], function () {
Route::get(
'display-sig/{filename}',
[ActionlogController::class, 'displaySig']
)->name('log.signature.view');
Route::get(
'stored-eula-file/{filename}',
[ActionlogController::class, 'getStoredEula']
)->name('log.storedeula.download');
});
/*
|--------------------------------------------------------------------------
| Admin Routes
|--------------------------------------------------------------------------
|
| Register all the admin routes.
|
*/
Route::group(['prefix' => 'admin', 'middleware' => ['auth', 'authorize:superuser']], function () {
Route::get('settings', [SettingsController::class, 'getSettings'])->name('settings.general.index');
Route::post('settings', [SettingsController::class, 'postSettings'])->name('settings.general.save');
Route::get('branding', [SettingsController::class, 'getBranding'])->name('settings.branding.index');
Route::post('branding', [SettingsController::class, 'postBranding'])->name('settings.branding.save');
Route::get('security', [SettingsController::class, 'getSecurity'])->name('settings.security.index');
Route::post('security', [SettingsController::class, 'postSecurity'])->name('settings.security.save');
Route::get('groups', [GroupsController::class, 'index'])->name('settings.groups.index');
Route::get('localization', [SettingsController::class, 'getLocalization'])->name('settings.localization.index');
Route::post('localization', [SettingsController::class, 'postLocalization'])->name('settings.localization.save');
Route::get('notifications', [SettingsController::class, 'getAlerts'])->name('settings.alerts.index');
Route::post('notifications', [SettingsController::class, 'postAlerts'])->name('settings.alerts.save');
Route::get('slack', [SettingsController::class, 'getSlack'])->name('settings.slack.index');
Route::post('slack', [SettingsController::class, 'postSlack'])->name('settings.slack.save');
Route::get('asset_tags', [SettingsController::class, 'getAssetTags'])->name('settings.asset_tags.index');
Route::post('asset_tags', [SettingsController::class, 'postAssetTags'])->name('settings.asset_tags.save');
Route::get('barcodes', [SettingsController::class, 'getBarcodes'])->name('settings.barcodes.index');
Route::post('barcodes', [SettingsController::class, 'postBarcodes'])->name('settings.barcodes.save');
Route::get('labels', [SettingsController::class, 'getLabels'])->name('settings.labels.index');
Route::post('labels', [SettingsController::class, 'postLabels'])->name('settings.labels.save');
Route::get('ldap', [SettingsController::class, 'getLdapSettings'])->name('settings.ldap.index');
Route::post('ldap', [SettingsController::class, 'postLdapSettings'])->name('settings.ldap.save');
Route::get('phpinfo', [SettingsController::class, 'getPhpInfo'])->name('settings.phpinfo.index');
Route::get('oauth', [SettingsController::class, 'api'])->name('settings.oauth.index');
Route::get('google', [SettingsController::class, 'getGoogleLoginSettings'])->name('settings.google.index');
Route::post('google', [SettingsController::class, 'postGoogleLoginSettings'])->name('settings.google.save');
Route::get('purge', [SettingsController::class, 'getPurge'])->name('settings.purge.index');
Route::post('purge', [SettingsController::class, 'postPurge'])->name('settings.purge.save');
Route::get('login-attempts', [SettingsController::class, 'getLoginAttempts'])->name('settings.logins.index');
// Backups
Route::group(['prefix' => 'backups', 'middleware' => 'auth'], function () {
Route::get('download/{filename}',
[SettingsController::class, 'downloadFile'])->name('settings.backups.download');
Route::delete('delete/{filename}',
[SettingsController::class, 'deleteFile'])->name('settings.backups.destroy');
Route::post('/',
[SettingsController::class, 'postBackups']
)->name('settings.backups.create');
Route::post('/restore/{filename}',
[SettingsController::class, 'postRestore']
)->name('settings.backups.restore');
Route::post('/upload',
[SettingsController::class, 'postUploadBackup']
)->name('settings.backups.upload');
// Handle redirect from after POST request from backup restore
Route::get('/restore/{filename?}', function () {
return redirect(route('settings.backups.index'));
});
Route::get('/', [SettingsController::class, 'getBackups'])->name('settings.backups.index');
});
Route::resource('groups', GroupsController::class, [
'middleware' => ['auth'],
'parameters' => ['group' => 'group_id'],
]);
Route::get('/', [SettingsController::class, 'index'])->name('settings.index');
});
/*
|--------------------------------------------------------------------------
| Importer Routes
|--------------------------------------------------------------------------
|
|
|
*/
Route::get('/import',
Importer::class
)->middleware('auth')->name('imports.index');
/*
|--------------------------------------------------------------------------
| Account Routes
|--------------------------------------------------------------------------
|
|
|
*/
Route::group(['prefix' => 'account', 'middleware' => ['auth']], function () {
// Profile
Route::get('profile', [ProfileController::class, 'getIndex'])->name('profile');
Route::post('profile', [ProfileController::class, 'postIndex']);
Route::get('menu', [ProfileController::class, 'getMenuState'])->name('account.menuprefs');
Route::get('password', [ProfileController::class, 'password'])->name('account.password.index');
Route::post('password', [ProfileController::class, 'passwordSave']);
Route::get('api', [ProfileController::class, 'api'])->name('user.api');
// View Assets
Route::get('view-assets', [ViewAssetsController::class, 'getIndex'])->name('view-assets');
Route::get('requested', [ViewAssetsController::class, 'getRequestedAssets'])->name('account.requested');
// Profile
Route::get(
'requestable-assets',
[ViewAssetsController::class, 'getRequestableIndex']
)->name('requestable-assets');
Route::post(
'request-asset/{assetId}',
[ViewAssetsController::class, 'getRequestAsset']
)->name('account/request-asset');
Route::post(
'request/{itemType}/{itemId}/{cancel_by_admin?}/{requestingUser?}',
[ViewAssetsController::class, 'getRequestItem']
)->name('account/request-item');
// Account Dashboard
Route::get('/', [ViewAssetsController::class, 'getIndex'])->name('account');
Route::get('accept', [Account\AcceptanceController::class, 'index'])
->name('account.accept');
Route::get('accept/{id}', [Account\AcceptanceController::class, 'create'])
->name('account.accept.item');
Route::post('accept/{id}', [Account\AcceptanceController::class, 'store'])
->name('account.store-acceptance');
Route::get(
'print',
[
ProfileController::class,
'printInventory'
]
)->name('profile.print');
Route::post(
'email',
[
ProfileController::class,
'emailAssetList'
]
)->name('profile.email_assets');
});
Route::group(['middleware' => ['auth']], function () {
Route::get('reports/audit',
[ReportsController::class, 'audit']
)->name('reports.audit');
Route::get(
'reports/depreciation',
[ReportsController::class, 'getDeprecationReport']
)->name('reports/depreciation');
Route::get(
'reports/export/depreciation',
[ReportsController::class, 'exportDeprecationReport']
)->name('reports/export/depreciation');
Route::get(
'reports/asset_maintenances',
[ReportsController::class, 'getAssetMaintenancesReport']
)->name('reports/asset_maintenances');
Route::get(
'reports/export/asset_maintenances',
[ReportsController::class, 'exportAssetMaintenancesReport']
)->name('reports/export/asset_maintenances');
Route::get(
'reports/licenses',
[ReportsController::class, 'getLicenseReport']
)->name('reports/licenses');
Route::get(
'reports/export/licenses',
[ReportsController::class, 'exportLicenseReport']
)->name('reports/export/licenses');
Route::get('reports/accessories', [ReportsController::class, 'getAccessoryReport'])->name('reports/accessories');
Route::get(
'reports/export/accessories',
[ReportsController::class, 'exportAccessoryReport']
)->name('reports/export/accessories');
Route::get('reports/custom', [ReportsController::class, 'getCustomReport'])->name('reports/custom');
Route::post('reports/custom', [ReportsController::class, 'postCustom']);
Route::get(
'reports/activity',
[ReportsController::class, 'getActivityReport']
)->name('reports.activity');
Route::post('reports/activity', [ReportsController::class, 'postActivityReport']);
Route::get(
'reports/unaccepted_assets/{deleted?}',
[ReportsController::class, 'getAssetAcceptanceReport']
)->name('reports/unaccepted_assets');
Route::post(
'reports/unaccepted_assets/sent_reminder',
[ReportsController::class, 'sentAssetAcceptanceReminder']
)->name('reports/unaccepted_assets_sent_reminder');
Route::delete(
'reports/unaccepted_assets/{acceptanceId}/delete',
[ReportsController::class, 'deleteAssetAcceptance']
)->name('reports/unaccepted_assets_delete');
Route::post(
'reports/unaccepted_assets/{deleted?}',
[ReportsController::class, 'postAssetAcceptanceReport']
)->name('reports/export/unaccepted_assets');
});
Route::get(
'auth/signin',
[LoginController::class, 'legacyAuthRedirect']
);
/*
|--------------------------------------------------------------------------
| Setup Routes
|--------------------------------------------------------------------------
|
|
|
*/
Route::group(['prefix' => 'setup', 'middleware' => 'web'], function () {
Route::get(
'user',
[SettingsController::class, 'getSetupUser']
)->name('setup.user');
Route::post(
'user',
[SettingsController::class, 'postSaveFirstAdmin']
)->name('setup.user.save');
Route::get(
'migrate',
[SettingsController::class, 'getSetupMigrate']
)->name('setup.migrate');
Route::get(
'done',
[SettingsController::class, 'getSetupDone']
)->name('setup.done');
Route::get(
'mailtest',
[SettingsController::class, 'ajaxTestEmail']
)->name('setup.mailtest');
Route::get(
'/',
[SettingsController::class, 'getSetupIndex']
)->name('setup');
});
Route::group(['middleware' => 'web'], function () {
Route::get(
'login',
[LoginController::class, 'showLoginForm']
)->name("login");
Route::post(
'login',
[LoginController::class, 'login']
);
Route::get(
'two-factor-enroll',
[LoginController::class, 'getTwoFactorEnroll']
)->name('two-factor-enroll');
Route::get(
'two-factor',
[LoginController::class, 'getTwoFactorAuth']
)->name('two-factor');
Route::post(
'two-factor',
[LoginController::class, 'postTwoFactorAuth']
);
Route::post(
'password/email',
[ForgotPasswordController::class, 'sendResetLinkEmail']
)->name('password.email')->middleware('throttle:forgotten_password');
Route::get(
'password/reset',
[ForgotPasswordController::class, 'showLinkRequestForm']
)->name('password.request')->middleware('throttle:forgotten_password');
Route::post(
'password/reset',
[ResetPasswordController::class, 'reset']
)->name('password.update')->middleware('throttle:forgotten_password');
Route::get(
'password/reset/{token}',
[ResetPasswordController::class, 'showResetForm']
)->name('password.reset');
Route::post(
'password/email',
[ForgotPasswordController::class, 'sendResetLinkEmail']
)->name('password.email')->middleware('throttle:forgotten_password');
// Socialite Google login
Route::get('google', 'App\Http\Controllers\GoogleAuthController@redirectToGoogle')->name('google.redirect');
Route::get('google/callback', 'App\Http\Controllers\GoogleAuthController@handleGoogleCallback')->name('google.callback');
Route::get(
'/',
[
'as' => 'home',
'middleware' => ['auth'],
'uses' => 'DashboardController@getIndex' ]
);
// need to keep GET /logout for SAML SLO
Route::get(
'logout',
[LoginController::class, 'logout']
)->name('logout.get');
Route::post(
'logout',
[LoginController::class, 'logout']
)->name('logout.post');
});
/**
* Health check route - skip middleware
*/
Route::withoutMiddleware(['web'])->get(
'/health',
[HealthController::class, 'get']
)->name('health');
Route::middleware(['auth'])->get(
'/',
[DashboardController::class, 'index']
)->name('home');