From 8a5d426ccd7579155935a38c7eaa2463e77d7264 Mon Sep 17 00:00:00 2001 From: Ivan Nieto Vivanco Date: Thu, 2 Mar 2023 19:33:32 -0600 Subject: [PATCH 01/11] Use correct LicenseSeat property --- app/Http/Controllers/Licenses/LicenseCheckinController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Http/Controllers/Licenses/LicenseCheckinController.php b/app/Http/Controllers/Licenses/LicenseCheckinController.php index a34de73d77..257722b005 100644 --- a/app/Http/Controllers/Licenses/LicenseCheckinController.php +++ b/app/Http/Controllers/Licenses/LicenseCheckinController.php @@ -61,7 +61,7 @@ class LicenseCheckinController extends Controller $license = License::find($licenseSeat->license_id); // LicenseSeat is not assigned, it can't be checked in - if (is_null($licenseSeat->assignedTo) && is_null($licenseSeat->asset_id)) { + if (is_null($licenseSeat->assigned_to) && is_null($licenseSeat->asset_id)) { return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.checkin.error')); } From 0b3becee7aa402c46318675364d606cba5717c17 Mon Sep 17 00:00:00 2001 From: Achmad Fienan Rahardianto Date: Sat, 4 Mar 2023 11:27:00 +0700 Subject: [PATCH 02/11] enable sortable for ID column --- resources/views/groups/index.blade.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/views/groups/index.blade.php b/resources/views/groups/index.blade.php index ffc193c7cf..4958e3a4d0 100755 --- a/resources/views/groups/index.blade.php +++ b/resources/views/groups/index.blade.php @@ -41,7 +41,7 @@ - {{ trans('general.id') }} + {{ trans('general.id') }} {{ trans('admin/groups/table.name') }} {{ trans('admin/groups/table.users') }} {{ trans('general.created_at') }} From 1d4f4b92de5e74582f0168a8d6d29d9b8c4715fa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20Rodr=C3=ADguez=20Guimer=C3=A1ns?= Date: Sun, 5 Mar 2023 17:17:48 +0100 Subject: [PATCH 03/11] Include path in the expected URL during Pre-Flight So that the message displayed to the user when the URL Pre-Flight check fails is: > Snipe-IT thinks your URL is SCHEME://DOMAIN, but your real URL is SCHEME://DOMAIN/setup instead of: > Snipe-IT thinks your URL is SCHEME://DOMAIN/setup, but your real URL is SCHEME://DOMAIN/setup Having a missing "/setup" in the expected URL might confuse the user into thinking that it is an additional configuration problem they need to fix. With this change, the comparison between the expected and actual URL will not contain any accidental difference anymore. Only those that the user really needs to be aware of and fix in their setup. --- app/Http/Controllers/SettingsController.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/app/Http/Controllers/SettingsController.php b/app/Http/Controllers/SettingsController.php index 5498187561..407788a61b 100755 --- a/app/Http/Controllers/SettingsController.php +++ b/app/Http/Controllers/SettingsController.php @@ -74,9 +74,8 @@ class SettingsController extends Controller } $pageURL = $protocol.$host.$_SERVER['REQUEST_URI']; - $start_settings['url_valid'] = (url('/').'/setup' === $pageURL); - - $start_settings['url_config'] = url('/'); + $start_settings['url_config'] = url('/').'/setup'; + $start_settings['url_valid'] = ($start_settings['url_config'] === $pageURL); $start_settings['real_url'] = $pageURL; $start_settings['php_version_min'] = true; From 548ae7ad22a5c1db703edfd9dcce9bce87e3fd2e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20Rodr=C3=ADguez=20Guimer=C3=A1ns?= Date: Mon, 27 Feb 2023 21:32:47 +0100 Subject: [PATCH 04/11] Add Reverse Proxy support to Pre-Flight URL check Before this change, the Pre-Flight URL check would inevitably fail whenever Snipe-IT was running behind a reverse proxy or load balancer. The URL check tries to ensure that the configured application URL matches the URL that is actually used to reach the application. However, when running behind an HTTP intermediary (like a reverse proxy or a load balancer) the HTTP connection that Snipe-IT receives is not the _real_ connection from the user anymore, but a connection from the HTTP intermediary. The scheme, host and port that Snipe-IT would obtain from that incoming intermediary connection wouldn't match what is configured as application URL and, therefore, the URL check would fail. This commit solves the situation by making Snipe-IT's Pre-Flight URL check aware of the `X-Forwarded-Proto` and `X-Forwarded-Host` HTTP headers. These headers represent the _de-facto_ standard used by reverse proxies and other HTTP intermediary components to convey information about the incoming HTTP connection to the upstream application. Being the upstream application, Snipe-IT can then make use of this information to correctly evaluate the validity of the configured application URL. --- app/Http/Controllers/SettingsController.php | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/app/Http/Controllers/SettingsController.php b/app/Http/Controllers/SettingsController.php index 5498187561..a8212d1357 100755 --- a/app/Http/Controllers/SettingsController.php +++ b/app/Http/Controllers/SettingsController.php @@ -65,12 +65,22 @@ class SettingsController extends Controller $start_settings['db_error'] = $e->getMessage(); } - $protocol = array_key_exists('HTTPS', $_SERVER) && ('on' == $_SERVER['HTTPS']) ? 'https://' : 'http://'; + if (array_key_exists("HTTP_X_FORWARDED_PROTO", $_SERVER)) { + $protocol = $_SERVER["HTTP_X_FORWARDED_PROTO"] . "://"; + } elseif (array_key_exists('HTTPS', $_SERVER) && ('on' == $_SERVER['HTTPS'])) { + $protocol = "https://"; + } else { + $protocol = "http://"; + } - $host = array_key_exists('SERVER_NAME', $_SERVER) ? $_SERVER['SERVER_NAME'] : null; - $port = array_key_exists('SERVER_PORT', $_SERVER) ? $_SERVER['SERVER_PORT'] : null; - if (('http://' === $protocol && '80' != $port) || ('https://' === $protocol && '443' != $port)) { - $host .= ':'.$port; + if (array_key_exists("HTTP_X_FORWARDED_HOST", $_SERVER)) { + $host = $_SERVER["HTTP_X_FORWARDED_HOST"]; + } else { + $host = array_key_exists('SERVER_NAME', $_SERVER) ? $_SERVER['SERVER_NAME'] : null; + $port = array_key_exists('SERVER_PORT', $_SERVER) ? $_SERVER['SERVER_PORT'] : null; + if (('http://' === $protocol && '80' != $port) || ('https://' === $protocol && '443' != $port)) { + $host .= ':'.$port; + } } $pageURL = $protocol.$host.$_SERVER['REQUEST_URI']; From e5deb4b41386388e715005f0e7b5940c7bbbe98a Mon Sep 17 00:00:00 2001 From: Godfrey M Date: Mon, 6 Mar 2023 09:41:14 -0800 Subject: [PATCH 05/11] doesn't allow months to be zero --- app/Models/Depreciation.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Models/Depreciation.php b/app/Models/Depreciation.php index 39fb935494..9faa1b86e2 100755 --- a/app/Models/Depreciation.php +++ b/app/Models/Depreciation.php @@ -16,7 +16,7 @@ class Depreciation extends SnipeModel // Declare the rules for the form validation protected $rules = [ 'name' => 'required|min:3|max:255|unique:depreciations,name', - 'months' => 'required|max:3600|integer', + 'months' => 'required|max:3600|integer|gt:0', ]; /** From cc7325074e517f2e6eccf59553d4913f77d97196 Mon Sep 17 00:00:00 2001 From: snipe Date: Mon, 6 Mar 2023 10:47:28 -0800 Subject: [PATCH 06/11] Check that the file exists before trying to stat it for filesize Signed-off-by: snipe --- app/Http/Controllers/Api/ImportController.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/app/Http/Controllers/Api/ImportController.php b/app/Http/Controllers/Api/ImportController.php index 2426a49bed..5874d96031 100644 --- a/app/Http/Controllers/Api/ImportController.php +++ b/app/Http/Controllers/Api/ImportController.php @@ -126,7 +126,12 @@ class ImportController extends Controller } $file_name = date('Y-m-d-his').'-'.$fixed_filename; $import->file_path = $file_name; - $import->filesize = filesize($path.'/'.$file_name); + $import->filesize = null; + + if (file_exists($path.'/'.$file_name)) { + $import->filesize = filesize($path.'/'.$file_name); + } + $import->save(); $results[] = $import; } From 8b6e8898c1681f61254270a2c1a15402f4c8f0cd Mon Sep 17 00:00:00 2001 From: snipe Date: Mon, 6 Mar 2023 15:09:12 -0800 Subject: [PATCH 07/11] Fixed hardcoded string Signed-off-by: snipe --- app/Http/Controllers/Api/SettingsController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Http/Controllers/Api/SettingsController.php b/app/Http/Controllers/Api/SettingsController.php index d0f7fea602..a0438ef078 100644 --- a/app/Http/Controllers/Api/SettingsController.php +++ b/app/Http/Controllers/Api/SettingsController.php @@ -271,7 +271,7 @@ class SettingsController extends Controller $headers = ['ContentType' => 'application/zip']; return Storage::download($path.'/'.$file, $file, $headers); } else { - return response()->json(Helper::formatStandardApiResponse('error', null, 'File not found')); + return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.file_not_found'))); } } From e1069ac2341af39a78d9ac80069194508660c4b9 Mon Sep 17 00:00:00 2001 From: snipe Date: Mon, 6 Mar 2023 15:09:37 -0800 Subject: [PATCH 08/11] =?UTF-8?q?Return=20a=20file=20not=20found=20error?= =?UTF-8?q?=20if=20it=20doesn=E2=80=99t=20appear=20on=20disk?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: snipe --- app/Http/Controllers/Api/ImportController.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/app/Http/Controllers/Api/ImportController.php b/app/Http/Controllers/Api/ImportController.php index 5874d96031..6f5fc05ff3 100644 --- a/app/Http/Controllers/Api/ImportController.php +++ b/app/Http/Controllers/Api/ImportController.php @@ -128,9 +128,11 @@ class ImportController extends Controller $import->file_path = $file_name; $import->filesize = null; - if (file_exists($path.'/'.$file_name)) { - $import->filesize = filesize($path.'/'.$file_name); + if (!file_exists($path.'/'.$file_name)) { + return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.file_not_found')), 500); } + + $import->filesize = filesize($path.'/'.$file_name); $import->save(); $results[] = $import; From 16bd2cde0f0d07942c71194cc00cbeff0b29e382 Mon Sep 17 00:00:00 2001 From: snipe Date: Mon, 6 Mar 2023 15:09:45 -0800 Subject: [PATCH 09/11] Updated string for file not found Signed-off-by: snipe --- resources/lang/de/general.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/lang/de/general.php b/resources/lang/de/general.php index 08412e2e27..3f9634b60b 100644 --- a/resources/lang/de/general.php +++ b/resources/lang/de/general.php @@ -395,7 +395,7 @@ return [ 'end_date' => 'Enddatum', 'alt_uploaded_image_thumbnail' => 'Hochgeladene Miniaturansicht', 'placeholder_kit' => 'Kit auswählen', - 'file_not_found' => 'File not found', + 'file_not_found' => 'File not found on server', 'preview_not_available' => '(no preview)', 'setup' => 'Setup', 'pre_flight' => 'Pre-Flight', From dd3c3a142896c3a890ed5e2f9b260d36b1172132 Mon Sep 17 00:00:00 2001 From: Brady Wetherington Date: Mon, 6 Mar 2023 15:24:16 -0800 Subject: [PATCH 10/11] Suppress SCIMExceptions from cluttering up Rollbar --- app/Exceptions/Handler.php | 11 ++++++++--- config/logging.php | 5 +++++ 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/app/Exceptions/Handler.php b/app/Exceptions/Handler.php index 37e749597f..65a13edb2e 100644 --- a/app/Exceptions/Handler.php +++ b/app/Exceptions/Handler.php @@ -6,6 +6,7 @@ use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler; use App\Helpers\Helper; use Illuminate\Validation\ValidationException; use Illuminate\Auth\AuthenticationException; +use ArieTimmerman\Laravel\SCIMServer\Exceptions\SCIMException; use Log; use Throwable; use JsonException; @@ -28,6 +29,7 @@ class Handler extends ExceptionHandler \Intervention\Image\Exception\NotSupportedException::class, \League\OAuth2\Server\Exception\OAuthServerException::class, JsonException::class, + SCIMException::class, //these generally don't need to be reported ]; /** @@ -53,7 +55,7 @@ class Handler extends ExceptionHandler * * @param \Illuminate\Http\Request $request * @param \Exception $e - * @return \Illuminate\Http\Response + * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\RedirectResponse|\Illuminate\Http\Response */ public function render($request, Throwable $e) { @@ -70,6 +72,9 @@ class Handler extends ExceptionHandler return response()->json(Helper::formatStandardApiResponse('error', null, 'invalid JSON'), 422); } + if ($e instanceof SCIMException) { + return response()->json(Helper::formatStandardApiResponse('error', null, 'invalid SCIM Request'), 400); + } // Handle Ajax requests that fail because the model doesn't exist if ($request->ajax() || $request->wantsJson()) { @@ -113,8 +118,8 @@ class Handler extends ExceptionHandler * * @param \Illuminate\Http\Request $request * @param \Illuminate\Auth\AuthenticationException $exception - * @return \Illuminate\Http\Response - */ + * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\RedirectResponse + */ protected function unauthenticated($request, AuthenticationException $exception) { if ($request->expectsJson()) { diff --git a/config/logging.php b/config/logging.php index 94495a2a33..65b717750d 100644 --- a/config/logging.php +++ b/config/logging.php @@ -117,6 +117,11 @@ $config = [ \Log::info("IGNORING E_WARNING in production mode: ".$args->getMessage()); return true; // "TRUE - you should ignore it!" } + $needle = "ArieTimmerman\\Laravel\\SCIMServer\\Exceptions\\SCIMException"; + if (App::environment('production') && is_string($args) && strncmp($args, $needle, strlen($needle) ) === 0 ) { + \Log::info("String: '$args' looks like a SCIM Exception; ignoring error"); + return true; //yes, *do* ignore it + } return false; }, ], From ef27c35d1d9510df4f5cf41d4034d57345524759 Mon Sep 17 00:00:00 2001 From: Marcus Moore Date: Mon, 6 Mar 2023 16:33:40 -0800 Subject: [PATCH 11/11] Update array keys to set asset location properly --- database/factories/ActionlogFactory.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/database/factories/ActionlogFactory.php b/database/factories/ActionlogFactory.php index 33cc83ead4..382a6412c2 100644 --- a/database/factories/ActionlogFactory.php +++ b/database/factories/ActionlogFactory.php @@ -55,7 +55,7 @@ class ActionlogFactory extends Factory [ 'assigned_to' => $target->id, 'assigned_type' => \App\Models\User::class, - 'assigned_to' => $target->location_id, + 'location_id' => $target->location_id, ] ); @@ -84,7 +84,7 @@ class ActionlogFactory extends Factory [ 'assigned_to' => $target->id, 'assigned_type' => \App\Models\Location::class, - 'assigned_to' => $target->id, + 'location_id' => $target->id, ] );