Compare commits
3 Commits
master
...
xss-seeders
| Author | SHA1 | Date | |
|---|---|---|---|
 snipe
|
9280b92b2e | ||
|
snipe
|
8cae765835 | ||
|
snipe
|
7a8ddd85ed |
@@ -197,4 +197,18 @@ class AccessoryFactory extends Factory
|
||||
]);
|
||||
});
|
||||
}
|
||||
|
||||
public function xssTestAccessory()
|
||||
{
|
||||
return $this->state(function () {
|
||||
return [
|
||||
'name' => "<script>alert('xssTest manufacturer')</script>",
|
||||
'category_id' => Category::factory()->xssTestCategory(),
|
||||
'manufacturer_id' => Manufacturer::factory()->xssTestManufacturer(),
|
||||
'qty' => 10,
|
||||
'min_amt' => 2,
|
||||
'supplier_id' => Supplier::factory()->xssTestSupplier(),
|
||||
];
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@@ -458,4 +458,20 @@ class AssetModelFactory extends Factory
|
||||
];
|
||||
});
|
||||
}
|
||||
|
||||
public function xssTestAssetModel() {
|
||||
return $this->state(function () {
|
||||
$data = [
|
||||
'name' => "<script>alert('xssTest asset model')</script>",
|
||||
'category_id' => Category::factory()->xssTestCategory(),
|
||||
'manufacturer_id' => Manufacturer::factory()->xssTestManufacturer(),
|
||||
'notes' => "<script>alert('xssTest asset model notes')</script>",
|
||||
'created_by' => function () {
|
||||
return User::where('username', "<script>alert('xssTest username')</script>@example.org")->first() ?? User::factory()->xssTestUser()->create();
|
||||
},
|
||||
];
|
||||
|
||||
return $data;
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@@ -215,4 +215,16 @@ class CategoryFactory extends Factory
|
||||
'require_acceptance' => false,
|
||||
]);
|
||||
}
|
||||
|
||||
public function xssTestCategory()
|
||||
{
|
||||
return $this->state([
|
||||
'name' => "<script>alert('xssTest category name')</script>",
|
||||
'notes' => "<script>alert('xssTest category notes')</script>",
|
||||
'tag_color' => "<script>alert('xssTest category tag')</script>",
|
||||
'created_by' => function () {
|
||||
return User::where('username', "<script>alert('xssTest username')</script>@example.org")->first() ?? User::factory()->xssTestUser()->create();
|
||||
},
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -3,6 +3,7 @@
|
||||
namespace Database\Factories;
|
||||
|
||||
use App\Models\Company;
|
||||
use App\Models\User;
|
||||
use Illuminate\Database\Eloquent\Factories\Factory;
|
||||
|
||||
class CompanyFactory extends Factory
|
||||
@@ -28,4 +29,16 @@ class CompanyFactory extends Factory
|
||||
'tag_color' => $this->faker->hexColor(),
|
||||
];
|
||||
}
|
||||
|
||||
public function xssTestCompany()
|
||||
{
|
||||
return $this->state(function () {
|
||||
return [
|
||||
'name' => "<script>alert('xssTest company')</script>",
|
||||
'tag_color' => "<script>alert('xssTest company tag')</script>",
|
||||
'notes' => "<script>alert('xssTest company notes')</script>",
|
||||
|
||||
];
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@@ -94,4 +94,20 @@ class DepartmentFactory extends Factory
|
||||
];
|
||||
});
|
||||
}
|
||||
|
||||
public function xssTestDepartment() {
|
||||
|
||||
return $this->state(function () {
|
||||
$data = [
|
||||
'name' => "<script>alert('xssTest department')</script>",
|
||||
'notes' => "<script>alert('xssTest department notes')</script>",
|
||||
'tag_color' => "<script>alert('xssTest department tag')</script>",
|
||||
'created_by' => function () {
|
||||
return User::where('username', "<script>alert('xssTest username')</script>@example.org")->first() ?? User::factory()->xssTestUser()->create();
|
||||
},
|
||||
];
|
||||
|
||||
return $data;
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@@ -29,4 +29,15 @@ class GroupFactory extends Factory
|
||||
'permissions' => json_encode([]),
|
||||
];
|
||||
}
|
||||
|
||||
public function xssTestGroup()
|
||||
{
|
||||
return $this->state(function () {
|
||||
return [
|
||||
'name' => "<script>alert('xssTest group')</script>",
|
||||
'notes' => "<script>alert('xssTest group notes')</script>",
|
||||
'created_by' => User::factory()->xssTestUser(),
|
||||
];
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@@ -119,4 +119,23 @@ class LicenseFactory extends Factory
|
||||
return $data;
|
||||
});
|
||||
}
|
||||
|
||||
public function xssTestLicense() {
|
||||
|
||||
return $this->state(function () {
|
||||
$data = [
|
||||
'name' => "<script>alert('xssTest license')</script>",
|
||||
'manufacturer_id' => Manufacturer::factory()->xssTestManufacturer(),
|
||||
'purchase_cost' => '49.99',
|
||||
'seats' => 5,
|
||||
'category_id' => Category::factory()->xssTestCategory(),
|
||||
// 'created_by' => function () {
|
||||
// return User::where('username', "<script>alert('xssTest username')</script>@example.org")->first() ?? User::factory()->xssTestUser()->create();
|
||||
// },
|
||||
];
|
||||
|
||||
return $data;
|
||||
});
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
@@ -44,4 +44,25 @@ class LocationFactory extends Factory
|
||||
];
|
||||
});
|
||||
}
|
||||
|
||||
public function xssTestLocation()
|
||||
{
|
||||
return $this->state(function () {
|
||||
return [
|
||||
'address' => "<script>alert('xssTest location address')</script>",
|
||||
'address2' => "<script>alert('xssTest location address2')</script>",
|
||||
'city' => "<script>alert('xssTest location city')</script>",
|
||||
'country' => "<script>alert('xssTest location country')</script>",
|
||||
'name' => "<script>alert('xssTest location')</script>",
|
||||
'notes' => "<script>alert('xssTest location notes')</script>",
|
||||
'phone' => "<script>alert('xssTest location phone')</script>",
|
||||
'state' => "<script>alert('xssTest location state')</script>",
|
||||
'tag_color' => "<script>alert('xssTest location tag')</script>",
|
||||
'zip' => "<script>alert('xssTest location zip')</script>",
|
||||
// 'created_by' => function () {
|
||||
// return User::where('username', "<script>alert('xssTest username')</script>@example.org")->first() ?? User::factory()->xssTestUser()->create();
|
||||
// },
|
||||
];
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@@ -212,4 +212,19 @@ class ManufacturerFactory extends Factory
|
||||
];
|
||||
});
|
||||
}
|
||||
|
||||
public function xssTestManufacturer()
|
||||
{
|
||||
return $this->state(function () {
|
||||
return [
|
||||
'name' => "<script>alert('xssTest manufacturer')</script>",
|
||||
'support_phone' => "<script>alert('xssTest manufacturer phone')</script>",
|
||||
'tag_color' => "<script>alert('xssTest manufacturer tag')</script>",
|
||||
'image' => 'demo-xss.jpg',
|
||||
'created_by' => function () {
|
||||
return User::where('username', "<script>alert('xssTest username')</script>@example.org")->first() ?? User::factory()->xssTestUser()->create();
|
||||
},
|
||||
];
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@@ -112,4 +112,18 @@ class StatuslabelFactory extends Factory
|
||||
];
|
||||
});
|
||||
}
|
||||
|
||||
public function xssTestStatuslabel()
|
||||
{
|
||||
return $this->state(function () {
|
||||
return [
|
||||
'name' => "<script>alert('xssTest label')</script>",
|
||||
'created_by' => function () {
|
||||
return User::where('username', "<script>alert('xssTest username')</script>@example.org")->first() ?? User::factory()->xssTestUser()->create();
|
||||
},
|
||||
];
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
@@ -40,4 +40,25 @@ class SupplierFactory extends Factory
|
||||
'zip' => $this->faker->postCode(),
|
||||
];
|
||||
}
|
||||
|
||||
public function xssTestSupplier()
|
||||
{
|
||||
return $this->state(function () {
|
||||
return [
|
||||
'name' => "<script>alert('xssTest supplier')</script>",
|
||||
'url' => "https://xssTest.<script>alert('xssTest supplier url')</script>.com",
|
||||
'phone' => "<script>alert('xssTest supplier phone')</script>",
|
||||
'fax' => "<script>alert('xssTest supplier fax')</script>",
|
||||
'contact' => "<script>alert('xssTest supplier contact')</script>",
|
||||
'tag_color' => "<script>alert('xssTest supplier tag')</script>",
|
||||
'notes' => "<script>alert('xssTest supplier notes')</script>",
|
||||
'address' => "<script>alert('xssTest supplier address')</script>",
|
||||
'address2' => "<script>alert('xssTest supplier address2')</script>",
|
||||
'city' => "<script>alert('xssTest supplier city')</script>",
|
||||
'state' => "<script>alert('xssTest supplier state')</script>",
|
||||
'country' => "<script>alert('xssTest supplier country')</script>",
|
||||
'zip' => "<script>alert('xssTest supplier zip')</script>",
|
||||
];
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@@ -4,6 +4,7 @@ namespace Database\Factories;
|
||||
|
||||
use App\Models\Company;
|
||||
use App\Models\User;
|
||||
use App\Models\Location;
|
||||
use Illuminate\Database\Eloquent\Factories\Factory;
|
||||
use \Auth;
|
||||
|
||||
@@ -427,4 +428,23 @@ class UserFactory extends Factory
|
||||
{
|
||||
return $this->state(['deleted_at' => $this->faker->dateTime()]);
|
||||
}
|
||||
|
||||
public function xssTestUser()
|
||||
{
|
||||
return $this->state(function () {
|
||||
return User::where('username', '=', "xssTest@<script>alert('xssTest username')</script>.com")->first() ??
|
||||
[
|
||||
'first_name' => "<script>alert('xssTest user first name')</script>",
|
||||
'last_name' => "<script>alert('xssTest last first')</script>",
|
||||
'username' => "xssTest".$this->faker->numberBetween(3500, 35050)."@<script>alert('xssTest username')</script>.com",
|
||||
'employee_num' => "<script>alert('xssTest user number')</script>",
|
||||
'jobtitle' => "<script>alert('xssTest jobtitle')</script>",
|
||||
'mobile' => "<script>alert('xssTest mobile number')</script>",
|
||||
'notes' => "<script>alert('xssTest asset model notes')</script>",
|
||||
'location_id' => function () {
|
||||
return Location::where('name', "<script>alert('xssTest location')</script>")->first() ?? Location::factory()->xssTestLocation()->create();
|
||||
},
|
||||
];
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@@ -3,6 +3,7 @@
|
||||
namespace Database\Seeders;
|
||||
|
||||
use App\Models\Accessory;
|
||||
use App\Models\Category;
|
||||
use App\Models\Location;
|
||||
use App\Models\Supplier;
|
||||
use App\Models\User;
|
||||
@@ -28,6 +29,8 @@ class AccessorySeeder extends Seeder
|
||||
$this->call(SupplierSeeder::class);
|
||||
}
|
||||
|
||||
Category::factory()->count(1)->xssTestCategory()->create(['category_type' => 'accessory']);
|
||||
|
||||
$supplierIds = Supplier::all()->pluck('id');
|
||||
|
||||
$admin = User::where('permissions->superuser', '1')->first() ?? User::factory()->firstAdmin()->create();
|
||||
@@ -57,6 +60,8 @@ class AccessorySeeder extends Seeder
|
||||
]);
|
||||
|
||||
|
||||
Accessory::factory()->count(1)->xssTestAccessory()->create();
|
||||
|
||||
$src = public_path('/img/demo/accessories/');
|
||||
$dst = 'accessories'.'/';
|
||||
$del_files = Storage::files($dst);
|
||||
|
||||
@@ -45,6 +45,7 @@ class AssetModelSeeder extends Seeder
|
||||
// Displays
|
||||
AssetModel::factory()->count(1)->ultrafine()->create(['created_by' => $admin->id]);
|
||||
AssetModel::factory()->count(1)->ultrasharp()->create(['created_by' => $admin->id]);
|
||||
AssetModel::factory()->count(1)->xssTestAssetModel()->create();
|
||||
|
||||
$src = public_path('/img/demo/models/');
|
||||
$dst = 'models'.'/';
|
||||
|
||||
@@ -3,6 +3,7 @@
|
||||
namespace Database\Seeders;
|
||||
|
||||
use App\Models\Asset;
|
||||
use App\Models\Category;
|
||||
use App\Models\Location;
|
||||
use App\Models\Supplier;
|
||||
use App\Models\User;
|
||||
@@ -49,6 +50,7 @@ class AssetSeeder extends Seeder
|
||||
Asset::factory()->count(40)->phoneIphone12()->state(new Sequence($this->getState()))->create();
|
||||
Asset::factory()->count(20)->ultrafine()->state(new Sequence($this->getState()))->create();
|
||||
Asset::factory()->count(20)->ultrasharp()->state(new Sequence($this->getState()))->create();
|
||||
Category::factory()->count(1)->xssTestCategory()->create(['category_type' => 'assets']);
|
||||
|
||||
$del_files = Storage::files('assets');
|
||||
foreach ($del_files as $del_file) { // iterate files
|
||||
|
||||
@@ -29,5 +29,6 @@ class CategorySeeder extends Seeder
|
||||
Category::factory()->count(1)->componentRamCategory()->create(['created_by' => $admin->id]);
|
||||
Category::factory()->count(1)->licenseGraphicsCategory()->create(['created_by' => $admin->id]);
|
||||
Category::factory()->count(1)->licenseOfficeCategory()->create(['created_by' => $admin->id]);
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
@@ -19,6 +19,7 @@ class CompanySeeder extends Seeder
|
||||
Log::debug('Seed companies');
|
||||
Company::truncate();
|
||||
Company::factory()->count(4)->create();
|
||||
Company::factory()->xssTestCompany()->count(1)->create();
|
||||
|
||||
$src = public_path('/img/demo/companies/');
|
||||
$dst = 'companies'.'/';
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
|
||||
namespace Database\Seeders;
|
||||
|
||||
use App\Models\Category;
|
||||
use App\Models\Company;
|
||||
use App\Models\Component;
|
||||
use App\Models\Location;
|
||||
@@ -43,5 +44,7 @@ class ComponentSeeder extends Seeder
|
||||
'company_id' => $companyIds->random(),
|
||||
'location_id' => $locationIds->random(),
|
||||
]);
|
||||
|
||||
Category::factory()->count(1)->xssTestCategory()->create(['category_type' => 'components']);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
|
||||
namespace Database\Seeders;
|
||||
|
||||
use App\Models\Category;
|
||||
use App\Models\Consumable;
|
||||
use App\Models\User;
|
||||
use Illuminate\Database\Seeder;
|
||||
@@ -19,5 +20,6 @@ class ConsumableSeeder extends Seeder
|
||||
Consumable::factory()->count(1)->cardstock()->create(['created_by' => $admin->id]);
|
||||
Consumable::factory()->count(1)->paper()->create(['created_by' => $admin->id]);
|
||||
Consumable::factory()->count(1)->ink()->create(['created_by' => $admin->id]);
|
||||
Category::factory()->count(1)->xssTestCategory()->create(['category_type' => 'consumables']);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -27,10 +27,10 @@ class DatabaseSeeder extends Seeder
|
||||
}
|
||||
|
||||
$this->call(CompanySeeder::class);
|
||||
$this->call(CategorySeeder::class);
|
||||
$this->call(LocationSeeder::class);
|
||||
$this->call(DepartmentSeeder::class);
|
||||
$this->call(UserSeeder::class);
|
||||
$this->call(CategorySeeder::class);
|
||||
$this->call(DepreciationSeeder::class);
|
||||
$this->call(ManufacturerSeeder::class);
|
||||
$this->call(SupplierSeeder::class);
|
||||
|
||||
@@ -20,6 +20,8 @@ class DepartmentSeeder extends Seeder
|
||||
$locationIds = Location::all()->pluck('id');
|
||||
|
||||
$admin = User::where('permissions->superuser', '1')->first() ?? User::factory()->firstAdmin()->create();
|
||||
$xssAdmin = User::where('username','=',"<script>alert('xssTest username')</script>@example.org")->first() ?? User::factory()->xssTestUser()->create();
|
||||
|
||||
|
||||
Department::factory()->count(1)->hr()->create([
|
||||
'location_id' => $locationIds->random(),
|
||||
@@ -50,5 +52,7 @@ class DepartmentSeeder extends Seeder
|
||||
'location_id' => $locationIds->random(),
|
||||
'created_by' => $admin->id,
|
||||
]);
|
||||
|
||||
Department::factory()->count(1)->xssTestDepartment()->create(['created_by' => $xssAdmin->id]);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -67,5 +67,9 @@ class LicenseSeeder extends Seeder
|
||||
'supplier_id' => $supplierIds->random(),
|
||||
'created_by' => $admin->id,
|
||||
]);
|
||||
|
||||
Category::factory()->count(1)->xssTestCategory()->create(['category_type' => 'licenses']);
|
||||
|
||||
License::factory()->count(1)->xssTestLicense()->create();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -13,6 +13,7 @@ class LocationSeeder extends Seeder
|
||||
{
|
||||
Location::truncate();
|
||||
Location::factory()->count(10)->create();
|
||||
Location::factory()->count(1)->xssTestLocation()->create();
|
||||
|
||||
$src = public_path('/img/demo/locations/');
|
||||
$dst = 'locations'.'/';
|
||||
|
||||
@@ -31,6 +31,7 @@ class ManufacturerSeeder extends Seeder
|
||||
Manufacturer::factory()->count(1)->google()->create(['created_by' => $admin->id]);
|
||||
Manufacturer::factory()->count(1)->huawei()->create(['created_by' => $admin->id]);
|
||||
Manufacturer::factory()->count(1)->sony()->create(['created_by' => $admin->id]);
|
||||
Manufacturer::factory()->count(1)->xssTestManufacturer()->create();
|
||||
|
||||
$src = public_path('/img/demo/manufacturers/');
|
||||
$dst = 'manufacturers'.'/';
|
||||
|
||||
@@ -33,5 +33,6 @@ class StatuslabelSeeder extends Seeder
|
||||
Statuslabel::factory()->outForRepair()->create(['created_by' => $admin->id]);
|
||||
Statuslabel::factory()->broken()->create(['created_by' => $admin->id]);
|
||||
Statuslabel::factory()->lost()->create(['created_by' => $admin->id]);
|
||||
Statuslabel::factory()->xssTestStatuslabel()->create();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -3,13 +3,19 @@
|
||||
namespace Database\Seeders;
|
||||
|
||||
use App\Models\Supplier;
|
||||
use App\Models\User;
|
||||
use Illuminate\Database\Seeder;
|
||||
|
||||
class SupplierSeeder extends Seeder
|
||||
{
|
||||
public function run()
|
||||
{
|
||||
|
||||
Supplier::truncate();
|
||||
|
||||
$admin = User::where('permissions->superuser', '1')->first() ?? User::factory()->firstAdmin()->create();
|
||||
|
||||
Supplier::factory()->count(5)->create();
|
||||
Supplier::factory()->count(1)->xssTestSupplier();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -47,6 +47,7 @@ class UserSeeder extends Seeder
|
||||
]))
|
||||
->create();
|
||||
|
||||
|
||||
User::factory()->count(1)->testAdmin()
|
||||
->state(new Sequence(fn($sequence) => [
|
||||
'company_id' => $companyIds->random(),
|
||||
@@ -75,6 +76,8 @@ class UserSeeder extends Seeder
|
||||
]))
|
||||
->create();
|
||||
|
||||
User::factory()->count(1)->xssTestUser()->create();
|
||||
|
||||
$src = public_path('/img/demo/avatars/');
|
||||
$dst = 'avatars'.'/';
|
||||
$del_files = Storage::files($dst);
|
||||
|
||||
Binary file not shown.
|
After Width: | Height: | Size: 34 KiB |
Reference in New Issue
Block a user