commit 399c7590cd
Merge: d0c5ba70feb67d1b06
Author: snipe <snipe@snipe.net>
Date: Thu Dec 15 14:19:41 2022 -0800
Merge pull request #12209 from snipe/fixes/error_downloading_unaccepted_assets
Fixed 500 when downloading the Unaccepted Assets report [sc-19555]
commit d0c5ba70f6
Merge: 29c2ff56ed9a21cce0
Author: snipe <snipe@snipe.net>
Date: Thu Dec 15 12:42:29 2022 -0800
Merge pull request #12242 from inietov/features/add_purchase_cost_column
Added `purchase_cost` to user's default view [sc-19680]
commit d9a21cce00
Author: Ivan Nieto Vivanco <inietov@gmail.com>
Date: Thu Dec 15 14:12:05 2022 -0600
Add other items' purchase_cost columns to the same permission
commit 29c2ff56ec
Merge: 3e7975b2c1fe0bfe17
Author: snipe <snipe@snipe.net>
Date: Thu Dec 15 11:26:49 2022 -0800
Merge pull request #12188 from snipe/fixes/decrease_logging_for_saml_when_not_enabled
Removed extra logging case that was very noisy
commit 3e7975b2c3
Merge: 227fef76ed870bc3b0
Author: snipe <snipe@snipe.net>
Date: Thu Dec 15 11:25:53 2022 -0800
Merge pull request #12250 from akemidx/grey_out_pw_reset_button
Fixed: Grey out pw reset button for consistency
commit d870bc3b02
Author: akemidx <kojotek.dx@gmail.com>
Date: Thu Dec 15 14:19:51 2022 -0500
nested if loop
commit 227fef76ee
Merge: 418ddcfac9d44720ff
Author: snipe <snipe@snipe.net>
Date: Thu Dec 15 11:06:53 2022 -0800
Merge pull request #11736 from Godmartinz/gh6508_ldap_default_group
Adds a permission group selection for directory sync
commit 9d44720ffd
Author: Godfrey M <godmartinz@gmail.com>
Date: Thu Dec 15 11:02:34 2022 -0800
reverted changes to composer.lock
commit 9f3f0a25ed
Author: Godfrey M <godmartinz@gmail.com>
Date: Thu Dec 15 10:53:45 2022 -0800
reverted changes to composer.lock
commit 2e228ccb0b
Author: Godfrey M <godmartinz@gmail.com>
Date: Thu Dec 15 10:45:42 2022 -0800
redid a few things. should be good now :)
commit 3ee413f379
Author: Godfrey M <godmartinz@gmail.com>
Date: Thu Dec 15 09:20:30 2022 -0800
removes livewire stuff
commit b142f8e012
Author: Ivan Nieto Vivanco <inietov@gmail.com>
Date: Wed Dec 14 23:00:35 2022 -0600
Add the permission to show purchase cost column to non-admin sessions
commit 418ddcfac3
Merge: c342668f01a908e361
Author: snipe <snipe@snipe.net>
Date: Wed Dec 14 17:46:53 2022 -0800
Merge pull request #9876 from Toreg87/fixes/locations-deletable
Fixed#9875: Make locations deletable for non Superuser-Accounts with FullMultipleCompanySupport
commit c342668f0f
Author: snipe <snipe@snipe.net>
Date: Wed Dec 14 17:25:39 2022 -0800
Update @scoo73r as a contributor
commit 2f6a26ec7d
Author: snipe <snipe@snipe.net>
Date: Wed Dec 14 17:25:25 2022 -0800
Add @scoo73r as a contributor
commit f635278010
Merge: d13a237008043b8678
Author: snipe <snipe@snipe.net>
Date: Wed Dec 14 16:42:41 2022 -0800
Merge pull request #12251 from snipe/security/upgrade_font_awesome
Upgraded font awesome to 6.2.1
commit 8043b86786
Author: snipe <snipe@snipe.net>
Date: Wed Dec 14 16:41:56 2022 -0800
Upgraded font awesome to 6.2.1
Signed-off-by: snipe <snipe@snipe.net>
commit d13a237000
Merge: fabefa61bd0d0058e7
Author: snipe <snipe@snipe.net>
Date: Wed Dec 14 12:13:18 2022 -0800
Merge pull request #12205 from Godmartinz/sc19675_add_remote_to_importer
Adds remote field to the user importer
commit b114ffd2c3
Author: akemidx <kojotek.dx@gmail.com>
Date: Wed Dec 14 14:48:59 2022 -0500
Grey out button pw reset button for consistency
When user has no email in their profile, the box is greyed out for
consistency accross all buttons on the user profile
commit fabefa61b0
Merge: 389ec3a3cf3e57d7dc
Author: snipe <snipe@snipe.net>
Date: Tue Dec 13 14:00:48 2022 -0800
Merge pull request #12243 from akemidx/new_grey_out_when_no_assets
Created method in users.php for adding up all assigned to user and pr…
commit f3e57d7dc0
Author: akemidx <kojotek.dx@gmail.com>
Date: Tue Dec 13 16:00:59 2022 -0500
fixing PR
commit 389ec3a3cb
Merge: c432fb9d76a72c344b
Author: snipe <snipe@snipe.net>
Date: Tue Dec 13 12:57:50 2022 -0800
Merge pull request #12247 from Godmartinz/gh12225_serial_added_to_components
adds serial to components tab of assets
commit 6a72c344b7
Author: Godfrey M <godmartinz@gmail.com>
Date: Tue Dec 13 12:32:30 2022 -0800
removed the cuddlers
commit 4442b446b9
Author: Godfrey M <godmartinz@gmail.com>
Date: Tue Dec 13 10:30:37 2022 -0800
adds serial to components tab of assets
commit c432fb9d70
Merge: 9e8fff6e5fa872b09a
Author: snipe <snipe@snipe.net>
Date: Tue Dec 13 10:28:17 2022 -0800
Merge pull request #12181 from Godmartinz/gh12163_asset_age
Adds asset age to asset index and asset view pages
commit 07ae91b00f
Author: akemi <akemi@ShibaPro.local>
Date: Wed Dec 7 17:46:18 2022 -0500
Created method in users.php for adding up all assigned to user and providing an integer value. this then used to grey out buttons on user view if user has nothing assigned.
commit 450ad3dcec
Author: Ivan Nieto Vivanco <inietov@gmail.com>
Date: Mon Dec 12 14:17:08 2022 -0600
Added the column purchase_cost to user's default view
commit fa872b09a9
Author: Godfrey M <godmartinz@gmail.com>
Date: Mon Dec 12 10:38:31 2022 -0800
fixes a typo, the world is great again
commit eb67d1b064
Author: Ivan Nieto Vivanco <inietov@gmail.com>
Date: Tue Dec 6 18:00:16 2022 -0600
Filter items from the report if null returned
commit d0d0058e79
Author: Godfrey M <godmartinz@gmail.com>
Date: Tue Dec 6 11:19:28 2022 -0800
removed unwanted changes
commit bbd04f8876
Author: Godfrey M <godmartinz@gmail.com>
Date: Tue Dec 6 11:13:24 2022 -0800
adds the rest of the fields for Remote
commit 36901d271b
Author: Godfrey M <godmartinz@gmail.com>
Date: Mon Dec 5 16:28:19 2022 -0800
adds csvmatch for remote. Im a bit lost though lol
commit 3206929ee4
Author: Godfrey M <godmartinz@gmail.com>
Date: Tue Nov 29 09:51:42 2022 -0800
adds AgeFormatter, not working yet
commit 1fe0bfe17e
Author: snipe <snipe@snipe.net>
Date: Mon Nov 28 19:27:42 2022 -0800
Removed extra logging case that was very noisy
Signed-off-by: snipe <snipe@snipe.net>
commit 8d861cfd82
Author: Godfrey M <godmartinz@gmail.com>
Date: Mon Nov 28 10:59:18 2022 -0800
adds age to the asset table
commit 078e7281cd
Author: Godfrey M <godmartinz@gmail.com>
Date: Mon Nov 28 10:45:58 2022 -0800
adds asset age to asset view
commit f2d4a61e3c
Author: Godfrey M <godmartinz@gmail.com>
Date: Tue Oct 18 15:31:37 2022 -0700
removes dead space
commit 3f25a1bf61
Author: Godfrey M <godmartinz@gmail.com>
Date: Tue Oct 18 15:25:38 2022 -0700
removes dead code
commit f9ac447dd1
Merge: 9b448227fb7bcfaccc
Author: Godfrey M <godmartinz@gmail.com>
Date: Tue Oct 18 15:18:09 2022 -0700
adds default group to LDAP
commit 9b448227f7
Author: Godfrey M <godmartinz@gmail.com>
Date: Tue Sep 13 11:40:10 2022 -0700
tinkering to no avail
commit 28bc97f29f
Author: Godfrey M <godmartinz@gmail.com>
Date: Mon Sep 12 11:40:16 2022 -0700
one line away from this being over with
commit 193b31e427
Author: Godfrey M <godmartinz@gmail.com>
Date: Wed Aug 31 12:58:33 2022 -0700
select options working, testing sync then done
commit 70ac8af9c4
Author: Godfrey M <godmartinz@gmail.com>
Date: Wed Aug 31 09:53:20 2022 -0700
.
commit 0c362e8b57
Author: Godfrey M <godmartinz@gmail.com>
Date: Mon Aug 29 12:09:56 2022 -0700
gets the groups selector to appear but options are blank
commit fc6fefdb4e
Author: Godfrey M <godmartinz@gmail.com>
Date: Thu Aug 25 15:19:38 2022 -0700
adds migration, variables, checkbox,working on groups
commit 1a908e361e
Author: Tobias Regnery <tobias.regnery@gmail.com>
Date: Thu Jul 29 10:33:34 2021 +0200
Make locations deletable for non Superuser-Accounts with FullMultipleCompanySupport
locations->isDeletable() checks via gate::allows if a locations is deletable.
This calls SnipePermissionsPolicy->before() and checks for !Company::isCurrentUserHasAccess($item).
This returns false because locations don't have a company_id.
Check for this and return true if the item don't have a company_id.
Signed-off-by: snipe <snipe@snipe.net>
PHP 5.5.9+ adds the new static `class` property which provides the fully qualified class name. This is preferred over using class name strings as these references are checked by the parser.
* Fixes#6204 - added email alerts and web/API access to assets due for audits (#6992)
* Added upcoming audit report
TODO: Fid diff/threshold math
* Added route to list overdue / upcoming assets via API
* Controller/API methods for due/overdue audits
We could probably skip this and just handle it via view in the routes…
* Added query scopes for due and overdue audits
* Added audit due console command to kernel
* Added ability to pass audit specs to main API asset search method
* Added audit presenter
* Added bootstrap-tables presenter formatter to display an audit button
* Added gated sidenav items to left nav
* Added audit due/overdue blades
* Cleanup on audit due/overdue console command
* Added language strings for audit views
* Fixed :threshold placeholder
* Removed unused setting variable
* Fixed next audit date math
* Added scope for both overdue and upcoming
* Derp. Wrong version
* Bumped version
(I will release this version officially tomorrow)
* Leave the activated state for users alone in normal LDAP synchronisation. (#6988)
* Fixed#7003 - crash when warranty months or purchase date is null
* Fixed#6956 - viewKeys policy inconsistent (#7009)
* Fixed#6956 - Added additional gates show showing/hiding license keys
* Modified gate to allow user to see licenses if they can create or edit the license as well
* Added API middleware to API routes to enable throttling
TODO: Figure out how to make this costumizable without touching the code
* Import locations from CSV via command line (#7021)
* Added import locations command
* Small fixes to location importer
* Added country, LDAP OU
* Cleaned up comments, added more clarification to what the script does
* Added ability to update groups via API
Fixes [ch9139]
* Bumped version
* Fixed#6883 - remove escaping of fields on LDAP import
* Fixed#6880 - correctly encrypt encrypted fields via the API
* Fixes#5054: LDAP users deactivated for none-ad (#7032)
When using none-AD ldap, users are automatically deactivated every LDAP
sync. This commit changes the behaviour so that if the active flag isn't set,
the users are enabled.
Fixed#5054, at least for 4.X
* Updated packages
- Updating erusev/parsedown (v1.7.2 => 1.7.3): Downloading (100%)
- Updating squizlabs/php_codesniffer (3.4.1 => 3.4.2): Downloading (100%)
- Updating symfony/polyfill-mbstring (v1.10.0 => v1.11.0): Downloading (100%)
- Updating symfony/var-dumper (v3.4.23 => v3.4.27): Downloading (100%)
- Updating league/flysystem (1.0.50 => 1.0.51): Downloading (100%)
- Updating symfony/translation (v3.4.23 => v3.4.27): Downloading (100%)
- Updating nesbot/carbon (1.36.2 => 1.37.1): Downloading (100%)
- Updating symfony/debug (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/console (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/finder (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/polyfill-ctype (v1.10.0 => v1.11.0): Downloading (100%)
- Updating symfony/polyfill-php70 (v1.10.0 => v1.11.0): Downloading (100%)
- Updating symfony/http-foundation (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/event-dispatcher (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/http-kernel (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/process (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/routing (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/polyfill-util (v1.10.0 => v1.11.0): Downloading (100%)
- Updating symfony/polyfill-php56 (v1.10.0 => v1.11.0): Downloading (100%)
- Updating symfony/psr-http-message-bridge (v1.1.1 => v1.1.2): Downloading (failed)
Downloading (100%)
- Updating rollbar/rollbar (v1.7.5 => v1.8.1): Downloading (100%)
- Updating symfony/yaml (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/browser-kit (v3.4.23 => v3.4.27): Downloading (100%)
* Fixed#7044 - API update deleted custom fields if they are not re-presented
* Fixed XSS vulnerability when creating a new categories, etc via modal on create
Same fix as before, because of the weird select2 post-parsing ajax behavior
* Updated email strings
* Fixed#7046 - added user website url back into UI
* Updated language strings
* Bumped version
* Updated packages
* New backups config for spatie
* Removed debugbar service provider (autodiscovery)
* Use laravel v5.5 withCount manual aliases
* Added spatie language files
* Removed old laravel backups config
This config file was renamed in a newer version of spatie laravel-backup
* Set the serialization
* Added the command loader to console kernel
* Renamed fire() to handle()
* Updated withCount to use manual naming
* Updated backup path in backup admin
* Updated travis with new php versions
* Bumped laravel version in readme
* Fixed custom field edit screen
* Fixed baseUrl is undefined error
I literally cannot figure out how this ever worked before.
* Fix for included files in backup
* Bumped version
* Switch has() to filled()
* Change ->has() to ->filled()
* Removed cosole log
* Bumped packages
* Use getReader instead of fetchAssoc for CSV parser
https://csv.thephpleague.com/9.0/upgrading/
* Handle JSON validation errors like 5.4
* Handle JSON validation errors like 5.4
* Handle JSON validation errors like 5.4
* Trying to fix ajax asset validation
This I think gets us closer, but still not handling the validation on the asset properly.
When I do a print_r of the validation in the other items, its looking for an error bag that looks something like this:
```
Illuminate\Support\MessageBag Object
(
[messages:protected] => Array
(
[name] => Array
(
[0] => The name field is required.
)
[seats] => Array
(
[0] => The seats field is required.
)
[category_id] => Array
(
[0] => The category id field is required.
)
)
[format:protected] => :message
)
```
Currently the Assets ajax returns:
```
[2019-05-24 06:52:06] develop.ERROR: array (
'messages' =>
array (
'model_id' =>
array (
0 => 'The model id field is required.',
),
'status_id' =>
array (
0 => 'The status id field is required.',
),
'asset_tag' =>
array (
0 => 'The asset tag field is required.',
),
),
)
```
So not sure why it’s not working.
* Fixed missing asset validation
* Check that a model exists before trying to fiddle with fieldsets
* Tidied up license check
* Removed extra escaping on checkin
* Updated importer to work with newer CSV Reader::getRecords() method
* Fixed field mapping
* Small fix for reordering fields
Fixes Illuminate\Database\QueryException: SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'order' cannot be null (SQL: insert into `custom_field_custom_fieldset` (`custom_field_id`, `custom_fieldset_id`, `order`, `required`) values (12, 7, , 0)) [ch1151]
This needs revisiting for a more solid fix, especially for data that was already entered bad.
* Fixed bug where sorting by company name in Users API did not work
Fixes [ch9200]
* Removed custom fields from AssignedSearch to prevent confusing data in selectlist
Fixes [ch9193]
* Removed alert-danger from tests
* Fixed missed consumables_count withCount() statement
* Fixed Undefined variable user in $backto if checked out to a non-user
Fixes [ch9194]
* Check for valid model before attempting to access fieldsets
Fixes [ch1249]
* Only build the log upload destination path if there is a matching record
Fixes [ch1232]
* Fixed free_seats_count variable name
(I forgot that Laravel switched camel case to snake case for their old 5.4 withCount variables)
* Only gtry to delete the file if a record is found in the log
* Only try to get fieldset if model is valid
* Fixed more camel-casing -> snake-casing
* Only display the file if the log record can be found
* Fixed casing in sync command
* Updated README
* Derp - typo
* Added link to Atlassian plugin
* More Atlassian clarifications
* Show accessory image on view page
* Increased image size to 800px, added lightboxes
* Fixed#7083 - Removed user_exists constraint on department save
If the user has been deleted, this prevented the department from being successfully saved on edit
* Updated branch in version file
* Dockerfile update to bring us up to php v7.1 for Laravel 5.5 (#7084)
* bump up to php7.1
& change deprecated MAINTAINER to a LABEL so it is visible with `docker inspect`
* AND modapache ><
* 2 updates required to get software-properties+ppa
* Bumped version
* Bumped release again :(
* Missed one
* Fixed#7098 - updated backup config for deleteFile() method
* Fixed#7092 - handle weird port forwarding/port numbers for baseUrl
* Bumped version
* Fixed#7099 - set email to null by default for backup notifications
* Removed old comments
* Fixed#7100 - Check if $user isset on checkin
* Increased throttle to 120 requests per minute
* Added Filipino, corrected order for Spanish variations
* Update language strings
* Bumped hash
* Changed has to filled to fix bulk asset editing
* Bumped point version
* Small fixes for phpleague CSB reader v9
* Improved error checking in locations importer
* Fixed#7145 - rename groups table to permissions_group for mysql 8 reserved word compatibility
* Reduce minimum group name length to 2 (from 3)
eg: IT
* Back in time fix FOR #7145 for new installs on MySQL 8+
* Fixed permission insert
//TODO
Handle this via model
* Possible fix for reporting/admin migration back in time
* Fixed#7164 - change table name to permission_groups
* Fixed LDAP password blanking on save
* fixing previous commit's actual wiping of password (#7183)
replaced Input::fille('ldap_pword') with _filled_. Should be good to go.
https://github.com/snipe/snipe-it/issues/7179https://github.com/snipe/snipe-it/issues/7169
* Bumped version
* Downgrading rollbar for Laravel 5.5
* Spelling Correction (#7206)
Fixed Spelling for the word reqrite, to be rewrite.
* Fix#6910: Add logic to manipulate the eloquent query. (#7006)
* Added company_id to consumables_users table
* Added logic to manage when a pivot table doesn't have the column company_id trough a join with users
* Remove a migration that tries to fix this problem, but is not longer necessary
* Addresses #7238 - add PWA code to layout
Needs additional UX testing
* Better log message for bad LDAP connection
* Fixed#7186 - has vs filled in User’s API blanking out groups if no group_ids are passed
* Comment clarification on #7186
* Check for valid seat on hardware view
* Added space between footer and custom message
* Cap warranty months to three characters
Filles rollbar 209
* Cap warranty months to 3 on the frontend blade
* Fixed countable() strings on user destroy
* Check that the user has assets and that the aset model is valid
* Bumped hash
* Caps asset warranty to 20 years
* Command to fix custom field unicode conversion differences between PHP versions (#7263)
* Fixes#7252 form request changes (#7272)
* Fixes for #7252 - custom fields not validating / no validaton messages in API w/form requests
* Removed debug info
* More fixes for #7252
This is mostly working as intended, if not yet the way Laravel wants us to do it.
Right now, the API returns correctly, and the form UI will return highlighted errors, with the input filled in ~sometimes~. I’m not sure why it’s only sometimes yet, but this is potentially progress.
* Removed experimental method
* Check for digits_between:0,240 for warranty
* Removed debug code
* Apply fix from PR #7273 to master
* Bumped hash
* Fixed#7250 - permission issue for API fieldsets and fields endpoints
This applies the change from #7294 to master
* Add @mskrip as a contributor
* Fixed#7270 - Checking-in Assets via API Removes the Item's Asset Name
* CORS for api (#7292)
* Added CORS support to API
* Changed order so CORS will still work if throttle hit
* Added APP_CORS_ALLOWED_ORIGINS env option
* Fixed typo
* Clarified header comments
* More clarification
* DIsable CORS allowed origins by default to replicate existing behavior
* Change variable name to be clearer
* Bumped version
* Added condition to deal with fieldname 'rtd_location' which can be tried to be queried in some places and doesn't exist in database (#7317)
* Added comments to the ByFilter query scope for clarity
* Added accessories checkout/checkin API endpoint
* Fixed CVE-2019-10742
https://nvd.nist.gov/vuln/detail/CVE-2019-10742
* Update README.md (#7334)
Add reference to CSV importer.
* Group related variables in .env
* History importer fixes
* Fixes to history importer
* Fixed#6821 - confusing UI for 2FA when 2FA is universally enforced
I also updated the language in the user’s listing table to clarify what “activated” means
* Added login enabled info to user view
* Clarified comments
* Added info about 2FA on user profile
Because why not
* Added nowrap to table, and added 2FA reset for superadmins
snipe