lunax/snipe_it
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity Actions
snipe_it/app/Http/Controllers
History
Tobias Regnery fb4fe30049 Fix asset creation with API and FullMultipleCompanySupport 
It is currently possible to create an asset with arbitrary company without being superuser and FullMultipleCompanySupport enabled.
This bug goes back to 75ac7f80b9 which is part of version 6.3.0.
Fix this by restoring the previous behaviour to check the company_id with getIdForCurrentUser().
2024-10-11 12:19:20 +02:00
..
Accessories Change user_id to created_by 2024-09-17 22:16:41 +01:00
Account change the other one too 2024-10-01 14:26:32 -05:00
Api Fix asset creation with API and FullMultipleCompanySupport 2024-10-11 12:19:20 +02:00
Assets Added checkin action on delete for checked out assets 2024-10-01 14:29:02 +01:00
Auth Prevent passing an array as login 2024-08-18 04:51:36 +01:00
Components Use auth()->id() instead of Auth::id() 2024-09-19 17:31:46 +01:00
Consumables Use auth()->id() instead of Auth::id() 2024-09-19 17:31:46 +01:00
Kits Added created_by to kits 2024-09-19 17:01:17 +01:00
Licenses Use auth()->id() instead of Auth::id() 2024-09-19 17:31:46 +01:00
Users Make controller gate match dropdown gate 2024-09-25 20:33:00 +01:00
ActionlogController.php Type constrains one more time - who thought this was a good idea? 2024-07-09 19:50:58 +01:00
AssetMaintenancesController.php Change user_id to created_by 2024-09-17 22:16:41 +01:00
AssetModelsController.php Change user_id to created_by 2024-09-17 22:16:41 +01:00
AssetModelsFilesController.php Fixed typehint on asset model files 2024-07-08 22:00:45 +01:00
BulkAssetModelsController.php Moar typehinting 2024-07-04 22:37:58 +01:00
CategoriesController.php Change user_id to created_by 2024-09-17 22:16:41 +01:00
CheckInOutRequest.php Default to user 2024-08-07 18:04:39 +01:00
CompaniesController.php Added created by to company on save 2024-09-19 20:34:54 +01:00
Controller.php Modernize use statements, switch to auth() 2024-07-04 20:49:22 +01:00
CustomFieldsController.php Use auth()->id() instead of Auth::id() 2024-09-19 17:31:46 +01:00
CustomFieldsetsController.php Change user_id to created_by 2024-09-17 22:16:41 +01:00
DashboardController.php Reflash session so login message is displayed 2024-09-09 14:54:19 -07:00
DepartmentsController.php Change user_id to created_by 2024-09-17 22:16:41 +01:00
DepreciationsController.php Change user_id to created_by 2024-09-17 22:16:41 +01:00
GoogleAuthController.php Moar typehinting 2024-07-04 22:37:58 +01:00
GroupsController.php Moar typehinting 2024-07-04 22:37:58 +01:00
HealthController.php Removed die() 2024-10-02 15:48:35 +01:00
LabelsController.php Removed return 2024-07-08 17:41:20 +01:00
LocationsController.php Change user_id to created_by 2024-09-17 22:16:41 +01:00
ManufacturersController.php Change user_id to created_by 2024-09-17 22:16:41 +01:00
ModalController.php Modernize use statements, switch to auth() 2024-07-04 20:49:22 +01:00
ProfileController.php Change controller to assume a collection. (This is dumb, but whatever) 2024-10-03 16:19:27 +01:00
ReportsController.php Merge remote-tracking branch 'upstream/develop' into eol_date_range_for_reports 2024-08-19 19:33:44 -04:00
SettingsController.php Remove form request from get LDAP method 2024-10-09 22:15:49 +01:00
StatuslabelsController.php Change user_id to created_by 2024-09-17 22:16:41 +01:00
SuppliersController.php Change user_id to created_by 2024-09-17 22:16:41 +01:00
ViewAssetsController.php change error to warning 2024-10-01 14:24:03 -05:00