lunax/snipe_it
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity Actions
10432 commits 1 branch 0 tags 220 MiB
Commit graph

2757 commits

Author SHA1 Message Date
Brady Wetherington
ea71086dfc Yank assetlog from eager-load clause in API query for develop 2021-12-10 18:50:34 -08:00
Brady Wetherington
acfb41f129 Remove 'actionlog' from the ::with() clause in the asset query API 2021-12-10 18:42:56 -08:00
Haxatron
1699c09758
Update AssetModelsController.php 2021-12-09 21:42:18 +08:00
Haxatron
918e7c8dae
Fix access control - https://huntr.dev/bounties/19453ef1-4d77-4cff-b7e8-1bc8f3af0862/ 2021-12-09 12:57:04 +08:00
snipe
86afe6c4b1 Cleanup slack validation 
Signed-off-by: snipe <snipe@snipe.net>
 2021-12-08 18:03:56 -08:00
snipe
ff97b359ad Removed form request on ajax, cleaned up some other things 
Signed-off-by: snipe <snipe@snipe.net>
 2021-12-08 17:58:46 -08:00
snipe
8fa690b635 Reverting form request because it doesn't seem to work (????!!) 
Signed-off-by: snipe <snipe@snipe.net>
 2021-12-08 17:54:15 -08:00
snipe
8c1cd87831 Added slacksettingsrequest as use statement 
Signed-off-by: snipe <snipe@snipe.net>
 2021-12-08 15:56:22 -08:00
snipe
80d36cd72b Added slack settings request 
Signed-off-by: snipe <snipe@snipe.net>
 2021-12-08 15:53:05 -08:00
snipe
ebdbc20740 Adds stricter validation for slack endpoints 
Signed-off-by: snipe <snipe@snipe.net>
 2021-12-06 11:40:24 -08:00
snipe
ff81e6d536
Merge pull request #10361 from snipe/fixes/xss_in_accessories_checkout_notes 
Escape notes in transformCheckedOutAccessory
 2021-11-24 19:56:36 -08:00
snipe
00fad35c2a Escape notes in transformCheckedOutAccessory 
Signed-off-by: snipe <snipe@snipe.net>
 2021-11-24 19:54:45 -08:00
snipe
3debe78574
Merge pull request #10350 from inietov/fixes/trim_custom_fields_names 
Apply trim() function when storing Custom Fields names
 2021-11-24 19:42:04 -08:00
snipe
29bbfad693 Applied escaping fix from master to develop 
Signed-off-by: snipe <snipe@snipe.net>
 2021-11-24 19:38:27 -08:00
snipe
830d07f84f Removed escaping on input save for asset checkout on creation 
Signed-off-by: snipe <snipe@snipe.net>
 2021-11-24 19:19:32 -08:00
Ivan Nieto Vivanco
1ca770895a Apply trim() function when storing Custom Fields names 2021-11-22 18:43:21 -06:00
snipe
bbb0d1be17 Possible fix for asset model editing when no custom fieldset is associated 
Signed-off-by: snipe <snipe@snipe.net>
 2021-11-15 21:09:35 -08:00
snipe
f7b483358f Escape custom field values in API response 
Signed-off-by: snipe <snipe@snipe.net>
 2021-11-15 20:32:59 -08:00
snipe
476e17055b Escape custom fields in API response 
Signed-off-by: snipe <snipe@snipe.net>
 2021-11-15 20:31:01 -08:00
snipe
46d2f8a81d Disallow file upload to backups on demo 
Signed-off-by: snipe <snipe@snipe.net>
 2021-11-15 19:42:02 -08:00
snipe
92b7aaf44b Log the user out upon successful restore 
Signed-off-by: snipe <snipe@snipe.net>
 2021-11-15 19:40:01 -08:00
snipe
f2f8f96991 Merge remote-tracking branch 'origin/master' into develop 
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Transformers/AssetsTransformer.php
#	app/Importer/ConsumableImporter.php
#	app/Models/Consumable.php
#	config/version.php
#	package-lock.json
#	package.json
#	public/css/dist/all.css
#	public/css/dist/bootstrap-table.css
#	public/js/build/app.js
#	public/js/dist/all.js
#	public/js/dist/bootstrap-table.js
#	public/mix-manifest.json
#	resources/views/custom_fields/fieldsets/view.blade.php
#	resources/views/layouts/default.blade.php
#	routes/web.php
#	routes/web/fields.php
 2021-11-15 19:24:38 -08:00
Brady Wetherington
864cc4f8d5 Fix FIXME's by downgrading them to TODO's :) 2021-11-10 11:37:10 -08:00
snipe
457c6080cc Better handling if there was no file uploaded 
Signed-off-by: snipe <snipe@snipe.net>
 2021-11-10 01:43:45 -08:00
snipe
96f76e1f6b INCOMPLETE: Added restore and upload methods for backups 
Signed-off-by: snipe <snipe@snipe.net>
 2021-11-10 00:07:17 -08:00
snipe
3b25093aeb Removed noisy debugging 
Signed-off-by: snipe <snipe@snipe.net>
 2021-11-09 22:38:27 -08:00
snipe
76506dabbf Made helpers call full namespace (tho I have no idea why this was necessary) 
Signed-off-by: snipe <snipe@snipe.net>
 2021-11-09 22:38:14 -08:00
snipe
1b1b54fbf4 Add modified_value and modified_display so we can use the formatted date but still sort correctly 
Signed-off-by: snipe <snipe@snipe.net>
 2021-11-09 22:37:49 -08:00
snipe
0e21a95817 Escape error message in asset autdit apI (same as in v5) 
Signed-off-by: snipe <snipe@snipe.net>
 2021-11-09 19:39:32 -08:00
Brady Wetherington
91f087258b Merge branch 'develop' into remove_old_ldap 2021-11-09 18:33:41 -08:00
Brady Wetherington
3ea209a507 Escape asset_tag attribute at controller level for consumption in bulk checkout 2021-11-08 20:27:43 -08:00
Brady Wetherington
a58c5ce27f Better documentation, disable AdLdap2-based "Add domain" setting 2021-11-08 17:11:47 -08:00
Brady Wetherington
b0417e5bd7 Finish pulling out the AdLdap2-based LDAP remnants that were still in the system 2021-11-03 15:22:06 -07:00
Brady Wetherington
4dda28de9e WIP: cleaning up LDAP 2021-10-28 18:19:50 -07:00
Brady Wetherington
31933a56fa Trying to get the login screen working 2021-10-28 18:18:11 -07:00
snipe
ea0d92c439
Merge branch 'develop' into fixes/fmcs_departments 2021-10-28 18:18:08 -07:00
snipe
d36849bd41
Merge branch 'develop' into feature/remove_deleted_user_from_unaccepted_assets_report 2021-10-28 18:11:03 -07:00
snipe
84a3a85823 Fixed parse error for merge conflict 
Signed-off-by: snipe <snipe@snipe.net>
 2021-10-28 18:04:03 -07:00
snipe
798f6d65de
Merge pull request #9847 from inietov/bug/ch15357/requested_assets_allow_to_cancel_if_checkedout_to_self 
Adds a check to know if the asset is checked out to the logged in user to allow check the state in the view
 2021-10-28 17:53:24 -07:00
snipe
bdf321ecc9
Merge branch 'develop' into change-var-aws-public-url 2021-10-28 17:46:16 -07:00
snipe
645529ba78
Merge pull request #9889 from ncareau/api-licenses 
Add licenses api parameters and fix a missing variable in license view.
 2021-10-28 17:20:09 -07:00
snipe
2f9e5f79af
Merge pull request #10139 from FliegenKLATSCH/patch-1 
API: Do not include deleted items per default on lookup by serial
 2021-10-28 17:09:20 -07:00
snipe
3088230236
Merge pull request #10209 from Godmartinz/feature/sc-1474/sync-parent-asset-location-with-children-assets 
Fixes Bug: When parent asset is assigned to other location, children assets loca…
 2021-10-28 16:49:44 -07:00
snipe
1895dd326f
Merge pull request #10245 from Sxderp/pr-support-appache-rewrite-redirect-headers-for-remote-user 
support apache REDIRECT_* for remote user login
 2021-10-28 16:34:57 -07:00
snipe
52ef9280ba Adds reqestable as model bulk edit field 
Signed-off-by: snipe <snipe@snipe.net>
 2021-10-28 15:15:54 -07:00
Steven Daniele
efc644c960 support apache REDIRECT_* for remote user login 2021-10-28 14:23:38 -04:00
snipe
17bf899a17 Set default_label to 0 instead of null in API 
Signed-off-by: snipe <snipe@snipe.net>
 2021-10-25 20:14:01 -07:00
snipe
8b1c60a17a Make gates a little more consistent 
Signed-off-by: snipe <snipe@snipe.net>
 2021-10-25 15:34:22 -07:00
snipe
033c3253bb Fixed permissions array to handle missing clone button 
Signed-off-by: snipe <snipe@snipe.net>
 2021-10-25 14:10:17 -07:00
Ivan Nieto Vivanco
9eaf89aaa7 Add a variable to better control the selected user's ids 2021-10-21 13:28:58 -05:00