ouyang/snipe-it
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master' into develop

Browse Source 
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	.all-contributorsrc
#	README.md
#	app/Console/Commands/FixDoubleEscape.php
#	app/Console/Commands/LdapSync.php
#	app/Exceptions/Handler.php
#	app/Http/Controllers/Api/AssetMaintenancesController.php
#	app/Http/Controllers/Api/AssetModelsController.php
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/Api/CategoriesController.php
#	app/Http/Controllers/Api/CompaniesController.php
#	app/Http/Controllers/Api/DepartmentsController.php
#	app/Http/Controllers/Api/LicensesController.php
#	app/Http/Controllers/Api/LocationsController.php
#	app/Http/Controllers/Api/ManufacturersController.php
#	app/Http/Controllers/Api/SettingsController.php
#	app/Http/Controllers/Api/SuppliersController.php
#	app/Http/Controllers/AssetModelsController.php
#	app/Http/Controllers/Auth/LoginController.php
#	app/Http/Controllers/CustomFieldsController.php
#	app/Http/Controllers/SettingsController.php
#	app/Models/Loggable.php
#	app/Providers/AuthServiceProvider.php
#	config/version.php
#	database/migrations/2014_11_04_231416_update_group_field_for_reporting.php
#	database/migrations/2015_11_08_222305_add_ldap_fields_to_settings.php
#	package-lock.json
#	package.json
#	public/js/build/app.js
#	public/js/dist/all.js
#	public/mix-manifest.json
#	resources/assets/js/components/forms/asset-models/fieldset-default-values.vue
#	resources/views/hardware/view.blade.php
This commit is contained in:
snipe
2022-02-20 13:29:12 -08:00
parent cbfb8283f3 dc2b58f865
commit dd5f812d88
31 changed files with 235 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/Http/Controllers/Api/AssetMaintenancesController.php
+5
View File
@@ -34,6 +34,7 @@ class AssetMaintenancesController extends Controller
*/
public function index(Request $request)
{
$this->authorize('view', Asset::class);
$maintenances = AssetMaintenance::with('asset', 'asset.model', 'asset.location', 'supplier', 'asset.company', 'admin');
if ($request->filled('search')) {
@@ -101,6 +102,7 @@ class AssetMaintenancesController extends Controller
*/
public function store(Request $request)
{
$this->authorize('edit', Asset::class);
// create a new model instance
$assetMaintenance = new AssetMaintenance();
$assetMaintenance->supplier_id = $request->input('supplier_id');
@@ -152,6 +154,7 @@ class AssetMaintenancesController extends Controller
*/
public function update(Request $request, $assetMaintenanceId = null)
{
$this->authorize('edit', Asset::class);
// Check if the asset maintenance exists
$assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);
@@ -215,6 +218,7 @@ class AssetMaintenancesController extends Controller
*/
public function destroy($assetMaintenanceId)
{
$this->authorize('edit', Asset::class);
// Check if the asset maintenance exists
$assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);
@@ -240,6 +244,7 @@ class AssetMaintenancesController extends Controller
*/
public function show($assetMaintenanceId)
{
$this->authorize('view', Asset::class);
$assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);
if (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot view a maintenance for that asset'));
app/Http/Controllers/Api/AssetModelsController.php
+2
View File
@@ -235,6 +235,8 @@ class AssetModelsController extends Controller
*/
public function selectlist(Request $request)
{
$this->authorize('view.selectlists');
$assetmodels = AssetModel::select([
'models.id',
'models.name',
app/Http/Controllers/Api/AssetsController.php
+8 -2
View File
@@ -368,8 +368,8 @@ class AssetsController extends Controller
return (new AssetsTransformer)->transformAsset($asset, $request);
}
return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);
}
/**
@@ -858,8 +858,13 @@ class AssetsController extends Controller
$asset->status_id = $request->input('status_id');
}
$checkin_at = null;
if ($request->filled('checkin_at')) {
$checkin_at = $request->input('checkin_at');
}
if ($asset->save()) {
event(new CheckoutableCheckedIn($asset, $target, Auth::user(), $request->input('note')));
event(new CheckoutableCheckedIn($asset, $target, Auth::user(), $request->input('note'), $checkin_at));
return response()->json(Helper::formatStandardApiResponse('success', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkin.success')));
}
@@ -898,6 +903,7 @@ class AssetsController extends Controller
* @return JsonResponse
*/
public function audit(Request $request)
{
$this->authorize('audit', Asset::class);
$rules = [
app/Http/Controllers/Api/CategoriesController.php
+6 -2
View File
@@ -50,6 +50,7 @@ class CategoriesController extends Controller
}
/**
* Store a newly created resource in storage.
*
@@ -69,8 +70,8 @@ class CategoriesController extends Controller
if ($category->save()) {
return response()->json(Helper::formatStandardApiResponse('success', $category, trans('admin/categories/message.create.success')));
}
return response()->json(Helper::formatStandardApiResponse('error', null, $category->getErrors()));
}
/**
@@ -85,10 +86,11 @@ class CategoriesController extends Controller
{
$this->authorize('view', Category::class);
$category = Category::findOrFail($id);
return (new CategoriesTransformer)->transformCategory($category);
}
/**
* Update the specified resource in storage.
*
@@ -136,6 +138,7 @@ class CategoriesController extends Controller
return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/categories/message.delete.success')));
}
/**
* Gets a paginated collection for the select2 menus
*
@@ -145,6 +148,7 @@ class CategoriesController extends Controller
*/
public function selectlist(Request $request, $category_type = 'asset')
{
$this->authorize('view.selectlists');
$categories = Category::select([
'id',
'name',
app/Http/Controllers/Api/CompaniesController.php
+5 -2
View File
@@ -56,10 +56,11 @@ class CompaniesController extends Controller
$total = $companies->count();
$companies = $companies->skip($offset)->take($limit)->get();
return (new CompaniesTransformer)->transformCompanies($companies, $total);
}
/**
* Store a newly created resource in storage.
*
@@ -95,10 +96,11 @@ class CompaniesController extends Controller
{
$this->authorize('view', Company::class);
$company = Company::findOrFail($id);
return (new CompaniesTransformer)->transformCompany($company);
}
/**
* Update the specified resource in storage.
*
@@ -157,6 +159,7 @@ class CompaniesController extends Controller
*/
public function selectlist(Request $request)
{
$this->authorize('view.selectlists');
$companies = Company::select([
'companies.id',
'companies.name',
app/Http/Controllers/Api/DepartmentsController.php
+6 -3
View File
@@ -66,8 +66,8 @@ class DepartmentsController extends Controller
$total = $departments->count();
$departments = $departments->skip($offset)->take($limit)->get();
return (new DepartmentsTransformer)->transformDepartments($departments, $total);
}
/**
@@ -91,8 +91,8 @@ class DepartmentsController extends Controller
if ($department->save()) {
return response()->json(Helper::formatStandardApiResponse('success', $department, trans('admin/departments/message.create.success')));
}
return response()->json(Helper::formatStandardApiResponse('error', null, $department->getErrors()));
}
/**
@@ -134,6 +134,7 @@ class DepartmentsController extends Controller
return response()->json(Helper::formatStandardApiResponse('error', null, $department->getErrors()));
}
/**
* Validates and deletes selected department.
*
@@ -153,8 +154,8 @@ class DepartmentsController extends Controller
}
$department->delete();
return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/departments/message.delete.success')));
}
/**
@@ -166,6 +167,8 @@ class DepartmentsController extends Controller
*/
public function selectlist(Request $request)
{
$this->authorize('view.selectlists');
$departments = Department::select([
'id',
'name',
app/Http/Controllers/Api/LicensesController.php
+4
View File
@@ -92,6 +92,10 @@ class LicensesController extends Controller
$licenses = $licenses->TextSearch($request->input('search'));
}
if ($request->input('deleted')=='true') {
$licenses->onlyTrashed();
}
// Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
// case we override with the actual count, so we should return 0 items.
$offset = (($licenses) && ($request->get('offset') > $licenses->count())) ? $licenses->count() : $request->get('offset', 0);
app/Http/Controllers/Api/LocationsController.php
+6 -1
View File
@@ -73,6 +73,7 @@ class LocationsController extends Controller
break;
}
$total = $locations->count();
$locations = $locations->skip($offset)->take($limit)->get();
@@ -137,6 +138,7 @@ class LocationsController extends Controller
return (new LocationsTransformer)->transformLocation($location);
}
/**
* Update the specified resource in storage.
*
@@ -155,8 +157,8 @@ class LocationsController extends Controller
$location = $request->handleImages($location);
if ($location->isValid()) {
$location->save();
$location->save();
return response()->json(
Helper::formatStandardApiResponse(
'success',
@@ -221,6 +223,9 @@ class LocationsController extends Controller
*/
public function selectlist(Request $request)
{
$this->authorize('view.selectlists');
$locations = Location::select([
'locations.id',
'locations.name',
app/Http/Controllers/Api/ManufacturersController.php
+6 -4
View File
@@ -72,8 +72,8 @@ class ManufacturersController extends Controller
if ($manufacturer->save()) {
return response()->json(Helper::formatStandardApiResponse('success', $manufacturer, trans('admin/manufacturers/message.create.success')));
}
return response()->json(Helper::formatStandardApiResponse('error', null, $manufacturer->getErrors()));
}
/**
@@ -131,11 +131,11 @@ class ManufacturersController extends Controller
if ($manufacturer->isDeletable()) {
$manufacturer->delete();
return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/manufacturers/message.delete.success')));
return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/manufacturers/message.delete.success')));
}
return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/manufacturers/message.assoc_users')));
return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/manufacturers/message.assoc_users')));
}
/**
@@ -147,6 +147,8 @@ class ManufacturersController extends Controller
*/
public function selectlist(Request $request)
{
$this->authorize('view.selectlists');
$manufacturers = Manufacturer::select([
'id',
'name',
app/Http/Controllers/Api/SuppliersController.php
+6 -1
View File
@@ -70,8 +70,8 @@ class SuppliersController extends Controller
if ($supplier->save()) {
return response()->json(Helper::formatStandardApiResponse('success', $supplier, trans('admin/suppliers/message.create.success')));
}
return response()->json(Helper::formatStandardApiResponse('error', null, $supplier->getErrors()));
}
/**
@@ -90,6 +90,7 @@ class SuppliersController extends Controller
return (new SuppliersTransformer)->transformSupplier($supplier);
}
/**
* Update the specified resource in storage.
*
@@ -127,6 +128,7 @@ class SuppliersController extends Controller
$supplier = Supplier::with('asset_maintenances', 'assets', 'licenses')->withCount('asset_maintenances as asset_maintenances_count', 'assets as assets_count', 'licenses as licenses_count')->findOrFail($id);
$this->authorize('delete', $supplier);
if ($supplier->assets_count > 0) {
return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/suppliers/message.delete.assoc_assets', ['asset_count' => (int) $supplier->assets_count])));
}
@@ -153,6 +155,9 @@ class SuppliersController extends Controller
*/
public function selectlist(Request $request)
{
$this->authorize('view.selectlists');
$suppliers = Supplier::select([
'id',
'name',
app/Http/Controllers/AssetMaintenancesController.php
+8
View File
@@ -50,6 +50,7 @@ class AssetMaintenancesController extends Controller
*/
public function index()
{
$this->authorize('view', Asset::class);
return view('asset_maintenances/index');
}
@@ -64,6 +65,7 @@ class AssetMaintenancesController extends Controller
*/
public function create()
{
$this->authorize('edit', Asset::class);
$asset = null;
if ($asset = Asset::find(request('asset_id'))) {
@@ -94,6 +96,7 @@ class AssetMaintenancesController extends Controller
*/
public function store(Request $request)
{
$this->authorize('edit', Asset::class);
// create a new model instance
$assetMaintenance = new AssetMaintenance();
$assetMaintenance->supplier_id = $request->input('supplier_id');
@@ -145,6 +148,7 @@ class AssetMaintenancesController extends Controller
*/
public function edit($assetMaintenanceId = null)
{
$this->authorize('edit', Asset::class);
// Check if the asset maintenance exists
if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
// Redirect to the improvement management page
@@ -195,6 +199,7 @@ class AssetMaintenancesController extends Controller
*/
public function update(Request $request, $assetMaintenanceId = null)
{
$this->authorize('edit', Asset::class);
// Check if the asset maintenance exists
if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
// Redirect to the asset maintenance management page
@@ -262,6 +267,7 @@ class AssetMaintenancesController extends Controller
*/
public function destroy($assetMaintenanceId)
{
$this->authorize('edit', Asset::class);
// Check if the asset maintenance exists
if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
// Redirect to the asset maintenance management page
@@ -290,6 +296,8 @@ class AssetMaintenancesController extends Controller
*/
public function show($assetMaintenanceId)
{
$this->authorize('view', Asset::class);
// Check if the asset maintenance exists
if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
// Redirect to the asset maintenance management page
app/Http/Controllers/AssetModelsController.php
+13 -2
View File
@@ -123,6 +123,7 @@ class AssetModelsController extends Controller
return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
}
/**
* Validates and processes form data from the edit
* Asset Model form based on the model ID passed.
@@ -231,10 +232,11 @@ class AssetModelsController extends Controller
return redirect()->route('models.index')->with('success', trans('admin/models/message.restore.success'));
}
return redirect()->back()->with('error', trans('admin/models/message.not_found'));
}
/**
* Get the model information to present to the model view page
*
@@ -282,6 +284,7 @@ class AssetModelsController extends Controller
->with('clone_model', $model_to_clone);
}
/**
* Get the custom fields form
*
@@ -295,6 +298,8 @@ class AssetModelsController extends Controller
return view('models.custom_fields_form')->with('model', AssetModel::find($modelId));
}
/**
* Returns a view that allows the user to bulk edit model attrbutes
*
@@ -337,6 +342,8 @@ class AssetModelsController extends Controller
->with('error', 'You must select at least one model to edit.');
}
/**
* Returns a view that allows the user to bulk edit model attrbutes
*
@@ -349,6 +356,7 @@ class AssetModelsController extends Controller
$models_raw_array = $request->input('ids');
$update_array = [];
if (($request->filled('manufacturer_id') && ($request->input('manufacturer_id') != 'NC'))) {
$update_array['manufacturer_id'] = $request->input('manufacturer_id');
}
@@ -362,6 +370,7 @@ class AssetModelsController extends Controller
$update_array['depreciation_id'] = $request->input('depreciation_id');
}
if (count($update_array) > 0) {
AssetModel::whereIn('id', $models_raw_array)->update($update_array);
@@ -443,7 +452,9 @@ class AssetModelsController extends Controller
private function assignCustomFieldsDefaultValues(AssetModel $model, array $defaultValues)
{
foreach ($defaultValues as $customFieldId => $defaultValue) {
if ($defaultValue) {
if(is_array($defaultValue)){
$model->defaultValues()->attach($customFieldId, ['default_value' => implode(', ', $defaultValue)]);
}elseif ($defaultValue) {
$model->defaultValues()->attach($customFieldId, ['default_value' => $defaultValue]);
}
}
app/Http/Controllers/Auth/ForgotPasswordController.php
+2
View File
@@ -82,6 +82,8 @@ class ForgotPasswordController extends Controller
\Log::info('Password reset attempt: User '.$request->input('username').'failed with exception: '.$e );
}
// Prevent timing attack to enumerate users.
usleep(500000 + random_int(0, 1500000));
if ($response === \Password::RESET_LINK_SENT) {
\Log::info('Password reset attempt: User '.$request->input('username').' WAS found, password reset sent');
app/Http/Controllers/Auth/LoginController.php
+4 -1
View File
@@ -302,6 +302,7 @@ class LoginController extends Controller
return redirect()->intended()->with('success', trans('auth/message.signin.success'));
}
/**
* Two factor enrollment page
*
@@ -402,7 +403,7 @@ class LoginController extends Controller
if (Google2FA::verifyKey($user->two_factor_secret, $secret)) {
$user->two_factor_enrolled = 1;
$user->save();
$request->session()->put('2fa_authed', 'true');
$request->session()->put('2fa_authed', $user->id);
return redirect()->route('home')->with('success', 'You are logged in!');
}
@@ -410,6 +411,7 @@ class LoginController extends Controller
return redirect()->route('two-factor')->with('error', trans('auth/message.two_factor.invalid_code'));
}
/**
* Logout page.
*
@@ -456,6 +458,7 @@ class LoginController extends Controller
return redirect()->route('login')->with(['success' => trans('auth/message.logout.success'), 'loggedout' => true]);
}
/**
* Get a validator for an incoming registration request.
*
app/Http/Controllers/CustomFieldsController.php
+16 -1
View File
@@ -53,6 +53,7 @@ class CustomFieldsController extends Controller
return redirect()->route('fields.index');
}
/**
* Returns a view with a form to create a new custom field.
*
@@ -96,6 +97,7 @@ class CustomFieldsController extends Controller
"user_id" => Auth::id()
]);
if ($request->filled('custom_format')) {
$field->format = e($request->get('custom_format'));
} else {
@@ -125,12 +127,23 @@ class CustomFieldsController extends Controller
$this->authorize('update', $field);
// Check that the field exists - this is mostly related to the demo, where we
// rewrite the data every x minutes, so it's possible someone might be disassociating
// a field from a fieldset just as we're wiping the database
if (($field) && ($fieldset_id)) {
if ($field->fieldset()->detach($fieldset_id)) {
return redirect()->route('fieldsets.show', ['fieldset' => $fieldset_id])
->with('success', trans('admin/custom_fields/message.field.delete.success'));
} else {
return redirect()->back()->withErrors(['message' => "Field is in use and cannot be deleted."]);
}
}
return redirect()->back()->withErrors(['message' => 'Field is in-use']);
return redirect()->back()->withErrors(['message' => "Error deleting field from fieldset"]);
}
/**
@@ -157,6 +170,7 @@ class CustomFieldsController extends Controller
return redirect()->back()->withErrors(['message' => 'Field does not exist']);
}
/**
* Return a view to edit a custom field
*
@@ -189,6 +203,7 @@ class CustomFieldsController extends Controller
}
/**
* Store the updated field
*
app/Http/Controllers/SettingsController.php
+23 -1
View File
@@ -8,6 +8,7 @@ use App\Http\Requests\ImageUploadRequest;
use App\Http\Requests\SettingsSamlRequest;
use App\Http\Requests\SetupUserRequest;
use App\Models\Setting;
use App\Models\Asset;
use App\Models\User;
use App\Notifications\FirstAdminNotification;
use App\Notifications\MailTest;
@@ -419,6 +420,7 @@ class SettingsController extends Controller
$setting->brand = 1;
}
$setting = $request->handleImages($setting, 600, 'email_logo', '', 'email_logo');
@@ -476,6 +478,7 @@ class SettingsController extends Controller
return redirect()->back()->withInput()->withErrors($setting->getErrors());
}
/**
* Return a form to allow a super admin to update settings.
*
@@ -615,6 +618,26 @@ class SettingsController extends Controller
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
}
// Check if the audit interval has changed - if it has, we want to update ALL of the assets audit dates
if ($request->input('audit_interval') != $setting->audit_interval) {
// Be careful - this could be a negative number
$audit_diff_months = ((int)$request->input('audit_interval') - (int)($setting->audit_interval));
// Grab all of the assets that have an existing next_audit_date
$assets = Asset::whereNotNull('next_audit_date')->get();
// Update all of the assets' next_audit_date values
foreach ($assets as $asset) {
if ($asset->next_audit_date != '') {
$old_next_audit = new \DateTime($asset->next_audit_date);
$asset->next_audit_date = $old_next_audit->modify($audit_diff_months.' month')->format('Y-m-d');
$asset->forceSave();
}
}
}
$alert_email = rtrim($request->input('alert_email'), ',');
$alert_email = trim($alert_email);
$admin_cc_email = rtrim($request->input('admin_cc_email'), ',');
@@ -1027,7 +1050,6 @@ class SettingsController extends Controller
//$lastmodified = Carbon::parse(Storage::lastModified($backup_files[$f]))->toDatetimeString();
$file_timestamp = Storage::lastModified($backup_files[$f]);
$files_raw[] = [
'filename' => basename($backup_files[$f]),
'filesize' => Setting::fileSizeConvert(Storage::size($backup_files[$f])),
app/Http/Controllers/Users/UsersController.php
-1
View File
@@ -479,7 +479,6 @@ class UsersController extends Controller
$user->first_name = '';
$user->last_name = '';
$user->email = substr($user->email, ($pos = strpos($user->email, '@')) !== false ? $pos : 0);
$user->id = null;
// Get this user groups