Compare commits
23 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 snipe
|
3e4152c966 | ||
|
snipe
|
1bf34d73f5 | ||
|
snipe
|
d1e360d64d | ||
|
snipe
|
3b5b19848c | ||
|
snipe
|
93ba90e837 | ||
|
snipe
|
dd28c5709e | ||
|
snipe
|
fc70d79a17 | ||
|
snipe
|
42fe481f71 | ||
|
snipe
|
95f1a98b96 | ||
|
snipe
|
6f1e0d6d9f | ||
|
snipe
|
ae66bba0f1 | ||
|
snipe
|
32c5a258a7 | ||
|
snipe
|
e7ac860f77 | ||
|
snipe
|
899a991a3b | ||
|
snipe
|
f26d86dff2 | ||
|
snipe
|
84317f7f50 | ||
|
snipe
|
65016a2383 | ||
|
snipe
|
eb48e5ed1c | ||
|
snipe
|
dbcb2ccb46 | ||
|
Daniel Meltzer
|
927a12f78d | ||
|
Brady Wetherington
|
dd52b4828c | ||
|
snipe
|
6273e313bc | ||
|
snipe
|
2afcfcc87c |
+1
-1
@@ -23,7 +23,7 @@ DB_DUMP_PATH='/usr/bin'
|
||||
# --------------------------------------------
|
||||
# OPTIONAL: SSL DATABASE SETTINGS
|
||||
# --------------------------------------------
|
||||
DB_SSL=true
|
||||
DB_SSL=false
|
||||
DB_SSL_KEY_PATH=null
|
||||
DB_SSL_CERT_PATH=null
|
||||
DB_SSL_CA_PATH=null
|
||||
|
||||
@@ -38,3 +38,5 @@ tests/_data/scenarios
|
||||
tests/_output/*
|
||||
tests/_support/_generated/*
|
||||
/npm-debug.log
|
||||
/storage/oauth-private.key
|
||||
/storage/oauth-public.key
|
||||
|
||||
@@ -53,3 +53,7 @@ Please see the documentation on [contributing and developing for Snipe-IT](https
|
||||
|
||||
|
||||
Please note that this project is released with a [Contributor Code of Conduct](CODE_OF_CONDUCT.md). By participating in this project you agree to abide by its terms.
|
||||
|
||||
### Security
|
||||
|
||||
To report a security vulnerability, please email security@snipeitapp.com instead of using the issue tracker.
|
||||
|
||||
@@ -145,7 +145,7 @@ class AssetModelsController extends Controller
|
||||
$model->category_id = e(Input::get('category_id'));
|
||||
$model->model_number = e(Input::get('model_number'));
|
||||
$model->user_id = Auth::user()->id;
|
||||
$model->note = e(Input::get('note'));
|
||||
$model->notes = e(Input::get('notes'));
|
||||
$model->eol= null;
|
||||
|
||||
if (Input::get('fieldset_id')=='') {
|
||||
|
||||
@@ -425,17 +425,12 @@ class UsersController extends Controller
|
||||
|
||||
// Check if we are not trying to delete ourselves
|
||||
if ($user->id === Auth::user()->id) {
|
||||
// Prepare the error message
|
||||
$error = trans('admin/users/message.error.delete');
|
||||
|
||||
// Redirect to the user management page
|
||||
return redirect()->route('users')->with('error', $error);
|
||||
return redirect()->route('users')->with('error', trans('admin/users/message.error.delete'));
|
||||
}
|
||||
|
||||
|
||||
// Do we have permission to delete this user?
|
||||
if ((!Auth::user()->isSuperUser()) || (config('app.lock_passwords'))) {
|
||||
// Redirect to the user management page
|
||||
if ((Gate::denies('users.delete') || (config('app.lock_passwords')))) {
|
||||
return redirect()->route('users')->with('error', 'Insufficient permissions!');
|
||||
}
|
||||
|
||||
@@ -459,18 +454,11 @@ class UsersController extends Controller
|
||||
|
||||
// Delete the user
|
||||
$user->delete();
|
||||
|
||||
// Prepare the success message
|
||||
$success = trans('admin/users/message.success.delete');
|
||||
|
||||
// Redirect to the user management page
|
||||
return redirect()->route('users')->with('success', $success);
|
||||
} catch (UserNotFoundException $e) {
|
||||
// Prepare the error message
|
||||
$error = trans('admin/users/message.user_not_found', compact('id'));
|
||||
|
||||
// Redirect to the user management page
|
||||
return redirect()->route('users')->with('error', $error);
|
||||
} catch (UserNotFoundException $e) {
|
||||
return redirect()->route('users')->with('error', trans('admin/users/message.user_not_found', compact('id')));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -865,7 +853,6 @@ class UsersController extends Controller
|
||||
'permissions' => '{"user":1}',
|
||||
'notes' => 'Imported user'
|
||||
);
|
||||
//dd($newuser);
|
||||
|
||||
DB::table('users')->insert($newuser);
|
||||
|
||||
@@ -1107,7 +1094,6 @@ class UsersController extends Controller
|
||||
$user = User::find($userId);
|
||||
$destinationPath = config('app.private_uploads').'/users';
|
||||
|
||||
// the license is valid
|
||||
if (isset($user->id)) {
|
||||
|
||||
if (!Company::isCurrentUserHasAccess($user)) {
|
||||
|
||||
+1
-1
@@ -819,7 +819,7 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function ()
|
||||
Route::post('{userId}/edit', [ 'uses' => 'UsersController@postEdit', 'middleware' => ['authorize:users.edit'] ]);
|
||||
Route::get('{userId}/clone', [ 'as' => 'clone/user', 'uses' => 'UsersController@getClone', 'middleware' => ['authorize:users.edit'] ]);
|
||||
Route::post('{userId}/clone', [ 'uses' => 'UsersController@postCreate', 'middleware' => ['authorize:users.edit'] ]);
|
||||
Route::get('{userId}/delete', [ 'as' => 'delete/user', 'uses' => 'UsersController@getDelete', 'middleware' => ['authorize:users.edit'] ]);
|
||||
Route::get('{userId}/delete', [ 'as' => 'delete/user', 'uses' => 'UsersController@getDelete', 'middleware' => ['authorize:users.delete'] ]);
|
||||
Route::get('{userId}/restore', [ 'as' => 'restore/user', 'uses' => 'UsersController@getRestore', 'middleware' => ['authorize:users.edit'] ]);
|
||||
Route::get('{userId}/view', [ 'as' => 'view/user', 'uses' => 'UsersController@getView' , 'middleware' => ['authorize:users.view'] ]);
|
||||
Route::get('{userId}/unsuspend', [ 'as' => 'unsuspend/user', 'uses' => 'UsersController@getUnsuspend', 'middleware' => ['authorize:users.edit'] ]);
|
||||
|
||||
+1
-1
@@ -277,7 +277,7 @@ class Ldap extends Model
|
||||
$global_count += $results['count'];
|
||||
$result_set = array_merge($result_set, $results);
|
||||
|
||||
ldap_control_paged_result_response($ldapconn, $search_results, $cookie);
|
||||
@ldap_control_paged_result_response($ldapconn, $search_results, $cookie);
|
||||
|
||||
} while ($cookie !== null && $cookie != '');
|
||||
|
||||
|
||||
@@ -18,7 +18,7 @@ class Supplier extends SnipeModel
|
||||
'address' => 'min:3|max:50',
|
||||
'address2' => 'min:2|max:50',
|
||||
'city' => 'min:3|max:255',
|
||||
'state' => 'min:0|max:2',
|
||||
'state' => 'min:0|max:32',
|
||||
'country' => 'min:0|max:2',
|
||||
'fax' => 'min:7|max:20',
|
||||
'phone' => 'min:7|max:20',
|
||||
|
||||
+4
-4
@@ -1,7 +1,7 @@
|
||||
<?php
|
||||
return array (
|
||||
'app_version' => 'v3.6.1',
|
||||
'build_version' => '5',
|
||||
'hash_version' => 'g6f9a82f',
|
||||
'full_hash' => 'v3.6.1-5-g6f9a82f',
|
||||
'app_version' => 'v3.6.3',
|
||||
'build_version' => '15',
|
||||
'hash_version' => 'g1bf34d7',
|
||||
'full_hash' => 'v3.6.3-15-g1bf34d7',
|
||||
);
|
||||
|
||||
@@ -0,0 +1,31 @@
|
||||
<?php
|
||||
|
||||
use Illuminate\Database\Schema\Blueprint;
|
||||
use Illuminate\Database\Migrations\Migration;
|
||||
|
||||
class IncreaseSizeOfStateInSuppliers extends Migration
|
||||
{
|
||||
/**
|
||||
* Run the migrations.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function up()
|
||||
{
|
||||
Schema::table('suppliers', function ($table) {
|
||||
$table->string('state', 32)->nullable()->default(null)->change();
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Reverse the migrations.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function down()
|
||||
{
|
||||
Schema::table('suppliers', function ($table) {
|
||||
$table->string('state', 2)->nullable()->default(null)->change();
|
||||
});
|
||||
}
|
||||
}
|
||||
+2
-2
@@ -1,5 +1,5 @@
|
||||
var elixir = require('laravel-elixir');
|
||||
require('laravel-elixir-codeception');
|
||||
require('laravel-elixir-codeception-standalone');
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Elixir Asset Management
|
||||
@@ -38,7 +38,7 @@ elixir(function(mix) {
|
||||
mix.version(['assets/css/app.css','assets/js/all.js']);
|
||||
|
||||
|
||||
mix.codeception();
|
||||
mix.codeception(null, { flags: '--report' });
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -0,0 +1,21 @@
|
||||
{
|
||||
"private": true,
|
||||
"scripts": {
|
||||
"prod": "gulp --production",
|
||||
"dev": "gulp watch"
|
||||
},
|
||||
"devDependencies": {
|
||||
"bootstrap-sass": "^3.3.7",
|
||||
"gulp": "^3.9.1",
|
||||
"jquery": "^3.1.0",
|
||||
"laravel-elixir": "^6.0.0-11",
|
||||
"laravel-elixir-vue-2": "^0.2.0",
|
||||
"laravel-elixir-webpack-official": "^1.0.2",
|
||||
"lodash": "^4.16.2",
|
||||
"vue": "^2.0.1",
|
||||
"vue-resource": "^1.0.3"
|
||||
},
|
||||
"dependencies": {
|
||||
"laravel-elixir-codeception": "^0.2.0"
|
||||
}
|
||||
}
|
||||
@@ -4,7 +4,7 @@
|
||||
{{-- Page content --}}
|
||||
@section('content')
|
||||
|
||||
<form role="form" action="{{ url('/login') }}" method="POST">
|
||||
<form role="form" action="{{ url('/login') }}" method="POST" autocomplete="off">
|
||||
<input type="hidden" name="_token" value="{{ csrf_token() }}" />
|
||||
|
||||
<div class="container">
|
||||
@@ -35,7 +35,7 @@
|
||||
{!! $errors->first('username', '<span class="alert-msg"><i class="fa fa-times"></i> :message</span>') !!}
|
||||
</div>
|
||||
<div class="form-group{{ $errors->has('password') ? ' has-error' : '' }}">
|
||||
<input class="form-control" placeholder="{{ trans('admin/users/table.password') }}" name="password" type="password">
|
||||
<input class="form-control" placeholder="{{ trans('admin/users/table.password') }}" name="password" type="password" autocomplete="off">
|
||||
{!! $errors->first('password', '<span class="alert-msg"><i class="fa fa-times"></i> :message</span>') !!}
|
||||
</div>
|
||||
<div class="checkbox">
|
||||
|
||||
@@ -15,7 +15,6 @@
|
||||
<!-- Asset Tag -->
|
||||
<div class="form-group {{ $errors->has('asset_tag') ? ' has-error' : '' }}">
|
||||
<label for="asset_tag" class="col-md-3 control-label">{{ trans('admin/hardware/form.tag') }}</label>
|
||||
</label>
|
||||
<div class="col-md-7 col-sm-12{{ (\App\Helpers\Helper::checkIfRequired($item, 'asset_tag')) ? ' required' : '' }}">
|
||||
@if ($item->id)
|
||||
<input class="form-control" type="text" name="asset_tag" id="asset_tag" value="{{ Input::old('asset_tag', $item->asset_tag) }}" />
|
||||
@@ -30,7 +29,6 @@
|
||||
<!-- Model -->
|
||||
<div class="form-group {{ $errors->has('model_id') ? ' has-error' : '' }}">
|
||||
<label for="parent" class="col-md-3 control-label">{{ trans('admin/hardware/form.model') }}</label>
|
||||
</label>
|
||||
<div class="col-md-7 col-sm-10{{ (\App\Helpers\Helper::checkIfRequired($item, 'model_id')) ? ' required' : '' }}">
|
||||
@if (isset($selected_model))
|
||||
{{ Form::select('model_id', $model_list , $selected_model->id, array('class'=>'select2 model', 'style'=>'width:100%','id' =>'model_select_id')) }}
|
||||
@@ -418,4 +416,4 @@ $(function () {
|
||||
});
|
||||
});
|
||||
</script>
|
||||
@stop
|
||||
@stop
|
||||
|
||||
@@ -36,7 +36,7 @@
|
||||
</div><!-- /.box-header -->
|
||||
|
||||
<div class="box-body">
|
||||
<form id="create-form" class="form-horizontal" method="post" action="" autocomplete="off" role="form" enctype="multipart/form-data">
|
||||
<form id="create-form" class="form-horizontal" method="post" action="{{ \Request::url() }}" autocomplete="off" role="form" enctype="multipart/form-data">
|
||||
<!-- CSRF Token -->
|
||||
{{ csrf_field() }}
|
||||
@yield('inputFields')
|
||||
@@ -54,4 +54,4 @@
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@stop
|
||||
@stop
|
||||
|
||||
@@ -117,7 +117,7 @@
|
||||
name="username"
|
||||
id="username"
|
||||
value="{{ Input::old('username', $user->username) }}"
|
||||
autocomplete="false"
|
||||
autocomplete="off"
|
||||
readonly
|
||||
onfocus="this.removeAttribute('readonly');"
|
||||
{{ ((config('app.lock_passwords') && ($user->id)) ? ' disabled' : '') }}
|
||||
@@ -146,7 +146,7 @@
|
||||
class="form-control"
|
||||
id="password"
|
||||
value=""
|
||||
autocomplete="false"
|
||||
autocomplete="off"
|
||||
readonly
|
||||
onfocus="this.removeAttribute('readonly');"
|
||||
{{ ((config('app.lock_passwords') && ($user->id)) ? ' disabled' : '') }}
|
||||
|
||||
Regular → Executable
Regular → Executable
Regular → Executable
Regular → Executable
Regular → Executable
Regular → Executable
Regular → Executable
Regular → Executable
Regular → Executable
Regular → Executable
Regular → Executable
Regular → Executable
Regular → Executable
Reference in New Issue
Block a user