lunax/snipe_it
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity Actions

Merge remote-tracking branch 'origin/develop'

Browse source 
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	public/js/dist/all-defer.js
#	public/mix-manifest.json
This commit is contained in:
snipe 2024-03-27 16:18:28 +00:00
commit 3bb81d1e4d
13 changed files with 129 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
app/Http/Controllers/Api/AssetsController.php
View file

@ -591,6 +591,11 @@ class AssetsController extends Controller
} }
} }
} }
if ($field->element == 'checkbox') {
if(is_array($field_val)) {
$field_val = implode(',', $field_val);
}
}
$asset->{$field->db_column} = $field_val; $asset->{$field->db_column} = $field_val;
@ -659,13 +664,22 @@ class AssetsController extends Controller
// Update custom fields // Update custom fields
if (($model) && (isset($model->fieldset))) { if (($model) && (isset($model->fieldset))) {
foreach ($model->fieldset->fields as $field) { foreach ($model->fieldset->fields as $field) {
$field_val = $request->input($field->db_column, null);
if ($request->has($field->db_column)) { if ($request->has($field->db_column)) {
if ($field->field_encrypted == '1') { if ($field->field_encrypted == '1') {
if (Gate::allows('admin')) { if (Gate::allows('admin')) {
$asset->{$field->db_column} = \Crypt::encrypt($request->input($field->db_column)); $asset->{$field->db_column} = Crypt::encrypt($field_val);
} }
} else { }
$asset->{$field->db_column} = $request->input($field->db_column); if ($field->element == 'checkbox') {
if(is_array($field_val)) {
$field_val = implode(',', $field_val);
$asset->{$field->db_column} = $field_val;
}
}
else {
$asset->{$field->db_column} = $field_val;
} }
} }
} }

21
app/Http/Controllers/Api/UsersController.php
View file

@ -560,7 +560,26 @@ class UsersController extends Controller
{ {
$this->authorize('view', User::class); $this->authorize('view', User::class);
$this->authorize('view', Asset::class); $this->authorize('view', Asset::class);
$assets = Asset::where('assigned_to', '=', $id)->where('assigned_type', '=', User::class)->with('model')->get(); $assets = Asset::where('assigned_to', '=', $id)->where('assigned_type', '=', User::class)->with('model');
// Filter on category ID
if ($request->filled('category_id')) {
$assets = $assets->InCategory($request->input('category_id'));
}
// Filter on model ID
if ($request->filled('model_id')) {
$model_ids = $request->input('model_id');
if (!is_array($model_ids)) {
$model_ids = array($model_ids);
}
$assets = $assets->InModelList($model_ids);
}
$assets = $assets->get();
return (new AssetsTransformer)->transformAssets($assets, $assets->count(), $request); return (new AssetsTransformer)->transformAssets($assets, $assets->count(), $request);
} }

5
app/Http/Controllers/AssetModelsController.php
View file

@ -7,6 +7,7 @@ use App\Http\Requests\ImageUploadRequest;
use App\Models\Actionlog; use App\Models\Actionlog;
use App\Models\Asset; use App\Models\Asset;
use App\Models\AssetModel; use App\Models\AssetModel;
use App\Models\CustomField;
use App\Models\User; use App\Models\User;
use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB; use Illuminate\Support\Facades\DB;
@ -486,11 +487,11 @@ class AssetModelsController extends Controller
* @param array $defaultValues * @param array $defaultValues
* @return void * @return void
*/ */
private function assignCustomFieldsDefaultValues(AssetModel $model, array $defaultValues) private function assignCustomFieldsDefaultValues(AssetModel $model, array $defaultValues): bool
{ {
$data = array(); $data = array();
foreach ($defaultValues as $customFieldId => $defaultValue) { foreach ($defaultValues as $customFieldId => $defaultValue) {
$customField = \App\Models\CustomField::find($customFieldId); $customField = CustomField::find($customFieldId);
$data[$customField->db_column] = $defaultValue; $data[$customField->db_column] = $defaultValue;
} }

14
app/Http/Controllers/SettingsController.php
View file

@ -20,6 +20,7 @@ use DB;
use enshrined\svgSanitize\Sanitizer; use enshrined\svgSanitize\Sanitizer;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Illuminate\Support\Facades\Storage; use Illuminate\Support\Facades\Storage;
use Illuminate\Validation\Rule;
use Image; use Image;
use Input; use Input;
use Redirect; use Redirect;
@ -499,6 +500,19 @@ class SettingsController extends Controller
*/ */
public function postSecurity(Request $request) public function postSecurity(Request $request)
{ {
$this->validate($request, [
'pwd_secure_complexity' => 'array',
'pwd_secure_complexity.*' => [
Rule::in([
'disallow_same_pwd_as_user_fields',
'letters',
'numbers',
'symbols',
'case_diff',
])
]
]);
if (is_null($setting = Setting::getSettings())) { if (is_null($setting = Setting::getSettings())) {
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error')); return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
} }

17
app/Models/CustomFieldset.php
View file

@ -5,6 +5,8 @@ namespace App\Models;
use Gate; use Gate;
use Illuminate\Database\Eloquent\Factories\HasFactory; use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model; use Illuminate\Database\Eloquent\Model;
use Illuminate\Support\Facades\Log;
use Illuminate\Validation\Rule;
use Watson\Validating\ValidatingTrait; use Watson\Validating\ValidatingTrait;
class CustomFieldset extends Model class CustomFieldset extends Model
@ -92,8 +94,19 @@ class CustomFieldset extends Model
array_push($rule, $field->attributes['format']); array_push($rule, $field->attributes['format']);
$rules[$field->db_column_name()] = $rule; $rules[$field->db_column_name()] = $rule;
//add not_array to rules for all fields
$rules[$field->db_column_name()][] = 'not_array'; // add not_array to rules for all fields but checkboxes
if ($field->element != 'checkbox') {
$rules[$field->db_column_name()][] = 'not_array';
}
if ($field->element == 'checkbox') {
$rules[$field->db_column_name()][] = 'checkboxes';
}
if ($field->element == 'radio') {
$rules[$field->db_column_name()][] = 'radio_buttons';
}
} }
return $rules; return $rules;

36
app/Providers/ValidationServiceProvider.php
View file

@ -2,9 +2,12 @@
namespace App\Providers; namespace App\Providers;
use App\Models\CustomField;
use App\Models\Department; use App\Models\Department;
use App\Models\Setting; use App\Models\Setting;
use DB; use DB;
use Illuminate\Support\Facades\Crypt;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\ServiceProvider; use Illuminate\Support\ServiceProvider;
use Illuminate\Validation\Rule; use Illuminate\Validation\Rule;
use Validator; use Validator;
@ -294,6 +297,39 @@ class ValidationServiceProvider extends ServiceProvider
Validator::extend('not_array', function ($attribute, $value, $parameters, $validator) { Validator::extend('not_array', function ($attribute, $value, $parameters, $validator) {
return !is_array($value); return !is_array($value);
}); });
// This is only used in Models/CustomFieldset.php - it does automatic validation for checkboxes by making sure
// that the submitted values actually exist in the options.
Validator::extend('checkboxes', function ($attribute, $value, $parameters, $validator){
$field = CustomField::where('db_column', $attribute)->first();
$options = $field->formatFieldValuesAsArray();
if(is_array($value)) {
$invalid = array_diff($value, $options);
if(count($invalid) > 0) {
return false;
}
}
// for legacy, allows users to submit a comma separated string of options
elseif(!is_array($value)) {
$exploded = array_map('trim', explode(',', $value));
$invalid = array_diff($exploded, $options);
if(count($invalid) > 0) {
return false;
}
}
return true;
});
// Validates that a radio button option exists
Validator::extend('radio_buttons', function ($attribute, $value) {
$field = CustomField::where('db_column', $attribute)->first();
$options = $field->formatFieldValuesAsArray();
return in_array($value, $options);
});
} }
/** /**

6
package-lock.json generated
View file

@ -2379,9 +2379,9 @@
} }
}, },
"alpinejs": { "alpinejs": {
"version": "3.13.5", "version": "3.13.7",
"resolved": "https://registry.npmjs.org/alpinejs/-/alpinejs-3.13.5.tgz", "resolved": "https://registry.npmjs.org/alpinejs/-/alpinejs-3.13.7.tgz",
"integrity": "sha512-1d2XeNGN+Zn7j4mUAKXtAgdc4/rLeadyTMWeJGXF5DzwawPBxwTiBhFFm6w/Ei8eJxUZeyNWWSD9zknfdz1kEw==", "integrity": "sha512-rcTyjTANbsePq1hb7eSekt3qjI94HLGeO6JaRjCssCVbIIc+qBrc7pO5S/+2JB6oojIibjM6FA+xRI3zhGPZIg==",
"requires": { "requires": {
"@vue/reactivity": "~3.1.1" "@vue/reactivity": "~3.1.1"
} }

2
package.json
View file

@ -33,7 +33,7 @@
"acorn-import-assertions": "^1.9.0", "acorn-import-assertions": "^1.9.0",
"admin-lte": "^2.4.18", "admin-lte": "^2.4.18",
"ajv": "^6.12.6", "ajv": "^6.12.6",
"alpinejs": "^3.13.5", "alpinejs": "^3.13.6",
"blueimp-file-upload": "^9.34.0", "blueimp-file-upload": "^9.34.0",
"bootstrap": "^3.4.1", "bootstrap": "^3.4.1",
"bootstrap-colorpicker": "^2.5.3", "bootstrap-colorpicker": "^2.5.3",

2
public/js/dist/all-defer.js vendored
View file

File diff suppressed because one or more lines are too long

2
public/mix-manifest.json
View file

@ -33,7 +33,7 @@
"/js/build/vendor.js": "/js/build/vendor.js?id=a2b971da417306a63385c8098acfe4af", "/js/build/vendor.js": "/js/build/vendor.js?id=a2b971da417306a63385c8098acfe4af",
"/js/dist/bootstrap-table.js": "/js/dist/bootstrap-table.js?id=857da5daffd13e0553510e5ccd410c79", "/js/dist/bootstrap-table.js": "/js/dist/bootstrap-table.js?id=857da5daffd13e0553510e5ccd410c79",
"/js/dist/all.js": "/js/dist/all.js?id=fca6ea9956fd827d9790c08e0e982b22", "/js/dist/all.js": "/js/dist/all.js?id=fca6ea9956fd827d9790c08e0e982b22",
"/js/dist/all-defer.js": "/js/dist/all-defer.js?id=19ccc62a8f1ea103dede4808837384d4", "/js/dist/all-defer.js": "/js/dist/all-defer.js?id=18d36546bdad8285c229008df799b343",
"/css/dist/skins/skin-green.min.css": "/css/dist/skins/skin-green.min.css?id=b48f4d8af0e1ca5621c161e93951109f", "/css/dist/skins/skin-green.min.css": "/css/dist/skins/skin-green.min.css?id=b48f4d8af0e1ca5621c161e93951109f",
"/css/dist/skins/skin-green-dark.min.css": "/css/dist/skins/skin-green-dark.min.css?id=0ed42b67f9b02a74815e885bfd9e3f66", "/css/dist/skins/skin-green-dark.min.css": "/css/dist/skins/skin-green-dark.min.css?id=0ed42b67f9b02a74815e885bfd9e3f66",
"/css/dist/skins/skin-black.min.css": "/css/dist/skins/skin-black.min.css?id=1f33ca3d860461c1127ec465ab3ebb6b", "/css/dist/skins/skin-black.min.css": "/css/dist/skins/skin-black.min.css?id=1f33ca3d860461c1127ec465ab3ebb6b",

8
resources/lang/en-US/validation.php
View file

@ -105,6 +105,8 @@ return [
'gte' => [ 'gte' => [
'numeric' => 'Value cannot be negative' 'numeric' => 'Value cannot be negative'
], ],
'checkboxes' => ':attribute contains invalid options.',
'radio_buttons' => ':attribute is invalid.',
/* /*
@ -151,4 +153,10 @@ return [
'attributes' => [], 'attributes' => [],
/*
|--------------------------------------------------------------------------
| Generic Validation Messages
|--------------------------------------------------------------------------
*/
'invalid_value_in_field' => 'Invalid value included in this field',
]; ];

8
resources/views/custom_fields/fields/edit.blade.php
View file

@ -135,7 +135,7 @@
@if (!$field->id) @if (!$field->id)
<!-- Encrypted --> <!-- Encrypted -->
<div class="col-md-9 col-md-offset-3"> <div class="col-md-9 col-md-offset-3" id="encryption_section">
<label class="form-control"> <label class="form-control">
<input type="checkbox" value="1" name="field_encrypted" id="field_encrypted"{{ (Request::old('field_encrypted') || $field->field_encrypted) ? ' checked="checked"' : '' }}> <input type="checkbox" value="1" name="field_encrypted" id="field_encrypted"{{ (Request::old('field_encrypted') || $field->field_encrypted) ? ' checked="checked"' : '' }}>
{{ trans('admin/custom_fields/general.encrypt_field') }} {{ trans('admin/custom_fields/general.encrypt_field') }}
@ -146,7 +146,6 @@
<p><i class="fas fa-exclamation-triangle" aria-hidden="true"></i> {{ trans('admin/custom_fields/general.encrypt_field_help') }}</p> <p><i class="fas fa-exclamation-triangle" aria-hidden="true"></i> {{ trans('admin/custom_fields/general.encrypt_field_help') }}</p>
</div> </div>
</div> </div>
@endif @endif
@ -298,11 +297,16 @@
}).change(); }).change();
// Only display the field element if the type is not text // Only display the field element if the type is not text
// and don't display encryption option for checkbox or radio
$(".field_element").change(function(){ $(".field_element").change(function(){
$(this).find("option:selected").each(function(){ $(this).find("option:selected").each(function(){
if (($(this).attr("value")!="text") && ($(this).attr("value")!="textarea")){ if (($(this).attr("value")!="text") && ($(this).attr("value")!="textarea")){
$("#field_values_text").show(); $("#field_values_text").show();
if ($(this).attr("value") == "checkbox" || $(this).attr("value") == "radio") {
$("#encryption_section").hide();
}
} else{ } else{
$("#encryption_section").show();
$("#field_values_text").hide(); $("#field_values_text").hide();
} }
}); });

6
resources/views/settings/security.blade.php
View file

@ -74,12 +74,11 @@
<!-- Common Passwords --> <!-- Common Passwords -->
<div class="form-group"> <div class="form-group {{ $errors->has('pwd_secure_complexity.*') ? 'error' : '' }}">
<div class="col-md-3"> <div class="col-md-3">
{{ Form::label('pwd_secure_complexity', trans('admin/settings/general.pwd_secure_complexity')) }} {{ Form::label('pwd_secure_complexity', trans('admin/settings/general.pwd_secure_complexity')) }}
</div> </div>
<div class="col-md-9"> <div class="col-md-9">
<label class="form-control"> <label class="form-control">
<span class="sr-only">{{ trans('admin/settings/general.pwd_secure_uncommon') }}</span> <span class="sr-only">{{ trans('admin/settings/general.pwd_secure_uncommon') }}</span>
{{ Form::checkbox('pwd_secure_uncommon', '1', old('pwd_secure_uncommon', $setting->pwd_secure_uncommon),array( 'aria-label'=>'pwd_secure_uncommon')) }} {{ Form::checkbox('pwd_secure_uncommon', '1', old('pwd_secure_uncommon', $setting->pwd_secure_uncommon),array( 'aria-label'=>'pwd_secure_uncommon')) }}
@ -106,6 +105,9 @@
{{ trans('admin/settings/general.pwd_secure_complexity_case_diff') }} {{ trans('admin/settings/general.pwd_secure_complexity_case_diff') }}
</label> </label>
@if ($errors->has('pwd_secure_complexity.*'))
<span class="alert-msg">{{ trans('validation.invalid_value_in_field') }}</span>
@endif
<p class="help-block"> <p class="help-block">
{{ trans('admin/settings/general.pwd_secure_complexity_help') }} {{ trans('admin/settings/general.pwd_secure_complexity_help') }}
</p> </p>