548ae7ad22
Add Reverse Proxy support to Pre-Flight URL check
...
Before this change, the Pre-Flight URL check would inevitably fail
whenever Snipe-IT was running behind a reverse proxy or load balancer.
The URL check tries to ensure that the configured application URL
matches the URL that is actually used to reach the application. However,
when running behind an HTTP intermediary (like a reverse proxy or a load
balancer) the HTTP connection that Snipe-IT receives is not the _real_
connection from the user anymore, but a connection from the HTTP
intermediary. The scheme, host and port that Snipe-IT would obtain from
that incoming intermediary connection wouldn't match what is configured
as application URL and, therefore, the URL check would fail.
This commit solves the situation by making Snipe-IT's Pre-Flight URL
check aware of the `X-Forwarded-Proto` and `X-Forwarded-Host` HTTP
headers. These headers represent the _de-facto_ standard used by reverse
proxies and other HTTP intermediary components to convey information
about the incoming HTTP connection to the upstream application. Being
the upstream application, Snipe-IT can then make use of this information
to correctly evaluate the validity of the configured application URL.
2023-03-05 18:15:16 +01:00
562546a853
Updated comment
...
Signed-off-by: snipe <snipe@snipe.net >
2023-02-28 23:37:30 -08:00
4860440306
Check that it’s an array (versus checking that it’s not a bool)
...
Signed-off-by: snipe <snipe@snipe.net >
2023-02-28 23:32:10 -08:00
b72a9cc6fd
Check if the $owner is boolean
...
Signed-off-by: snipe <snipe@snipe.net >
2023-02-28 23:31:26 -08:00
ff895739f4
Merge pull request #12446 from Godmartinz/livewire_slack_inputs
...
Adds Livewire slack inputs
2023-02-15 13:27:07 -08:00
7363d4e223
FIxed yoda operator
...
Signed-off-by: snipe <snipe@snipe.net >
2023-02-06 12:43:35 -08:00
17f1772143
removes postslack from settings controller
2023-02-01 16:58:08 -08:00
f95a904d90
adds integration button, working on its functionality
2023-02-01 12:08:13 -08:00
f9ac447dd1
adds default group to LDAP
2022-10-18 15:18:09 -07:00
0312ecf09d
Sets nullable attribute on validation
...
Signed-off-by: snipe <snipe@snipe.net >
2022-10-12 10:30:47 -07:00
70c766e8b3
Added setting to choose dashboard type
...
Signed-off-by: snipe <snipe@snipe.net >
2022-09-29 04:16:46 -07:00
193b31e427
select options working, testing sync then done
2022-08-31 12:58:33 -07:00
0c362e8b57
gets the groups selector to appear but options are blank
2022-08-29 12:09:56 -07:00
fc6fefdb4e
adds migration, variables, checkbox,working on groups
2022-08-25 15:19:38 -07:00
bb091760af
Fixedd unclosed brace
...
Signed-off-by: snipe <snipe@snipe.net >
2022-07-11 17:11:28 -07:00
2518e2f0ee
Removed > 300
...
Signed-off-by: snipe <snipe@snipe.net >
2022-07-08 17:09:56 -07:00
43e370f35a
Move migrations further up
...
Signed-off-by: snipe <snipe@snipe.net >
2022-07-08 16:40:51 -07:00
25cb32ca6a
Fixed typo
...
Signed-off-by: snipe <snipe@snipe.net >
2022-06-30 18:51:44 -07:00
1a423a252b
Derp
...
Signed-off-by: snipe <snipe@snipe.net >
2022-06-30 15:22:58 -07:00
7591f3f092
Added auth filter check regex
...
Signed-off-by: snipe <snipe@snipe.net >
2022-06-30 15:15:49 -07:00
2cace3c73a
Added LDAP warnings on page load
...
Signed-off-by: snipe <snipe@snipe.net >
2022-06-30 15:08:12 -07:00
d167d2a10f
Disallow backup deletion and log attempt if not allowed
...
Signed-off-by: snipe <snipe@snipe.net >
2022-06-24 15:49:22 -07:00
77bf28bcb6
Disallow purge
...
Signed-off-by: snipe <snipe@snipe.net >
2022-06-23 20:11:43 -07:00
5458676ead
Default to v3 of LDAP on settings save
...
Signed-off-by: snipe <snipe@snipe.net >
2022-06-06 21:00:22 -07:00
014a32b050
Run migrations after restore
...
Signed-off-by: snipe <snipe@snipe.net >
2022-05-18 14:12:17 -07:00
a8eb138ae0
Merge pull request #11133 from inietov/fixes/backup_createdat_time_incorrect
...
Fixes #11096 Backup created_at time is incorrect
2022-05-17 14:39:19 -07:00
72493d54aa
Show the date and time as the user select in their settings
2022-05-17 16:36:05 -05:00
91c7a89f93
Change to use the date() function instead of Helper::getFormattedDateObject()
2022-05-17 16:24:52 -05:00
11f540daaf
Added debug line
...
Signed-off-by: snipe <snipe@snipe.net >
2022-05-17 09:41:35 -07:00
0dfc98a493
Force db:wipe
...
Signed-off-by: snipe <snipe@snipe.net >
2022-05-17 04:27:48 -07:00
b5f3a357e2
Merge pull request #10850 from Godmartinz/feature/sc-18937/add-manager-to-ldap-sync
...
This looks good, thanks!
2022-03-29 12:06:01 +01:00
4956eb0410
WIP: needs to be tested. adds ldap_manager field to ldap sync
2022-03-21 11:15:39 -07:00
b2e78e3382
formats most of the pdf blade
2022-03-16 15:53:32 -07:00
dd5f812d88
Merge remote-tracking branch 'origin/master' into develop
...
Signed-off-by: snipe <snipe@snipe.net >
# Conflicts:
# .all-contributorsrc
# README.md
# app/Console/Commands/FixDoubleEscape.php
# app/Console/Commands/LdapSync.php
# app/Exceptions/Handler.php
# app/Http/Controllers/Api/AssetMaintenancesController.php
# app/Http/Controllers/Api/AssetModelsController.php
# app/Http/Controllers/Api/AssetsController.php
# app/Http/Controllers/Api/CategoriesController.php
# app/Http/Controllers/Api/CompaniesController.php
# app/Http/Controllers/Api/DepartmentsController.php
# app/Http/Controllers/Api/LicensesController.php
# app/Http/Controllers/Api/LocationsController.php
# app/Http/Controllers/Api/ManufacturersController.php
# app/Http/Controllers/Api/SettingsController.php
# app/Http/Controllers/Api/SuppliersController.php
# app/Http/Controllers/AssetModelsController.php
# app/Http/Controllers/Auth/LoginController.php
# app/Http/Controllers/CustomFieldsController.php
# app/Http/Controllers/SettingsController.php
# app/Models/Loggable.php
# app/Providers/AuthServiceProvider.php
# config/version.php
# database/migrations/2014_11_04_231416_update_group_field_for_reporting.php
# database/migrations/2015_11_08_222305_add_ldap_fields_to_settings.php
# package-lock.json
# package.json
# public/js/build/app.js
# public/js/dist/all.js
# public/mix-manifest.json
# resources/assets/js/components/forms/asset-models/fieldset-default-values.vue
# resources/views/hardware/view.blade.php
2022-02-20 13:29:12 -08:00
23a6907975
Some minor stylistic changes
2022-02-17 18:05:06 -06:00
5b2a5ff124
Put the 'remember_token' column as null in the users table
2022-02-17 18:03:00 -06:00
548b172744
Logout every connected user
2022-02-17 18:00:24 -06:00
263893b3c6
Search logged in user that made the restore, if they doesn't exist in the restored system, add it again
2022-02-17 17:42:06 -06:00
811ca51c4f
Wipe database before restoration
2022-02-17 16:59:44 -06:00
d1b45a83b8
Blergh, one more linebreak
...
Signed-off-by: snipe <snipe@snipe.net >
2022-02-17 14:51:06 -08:00
01a8701a8c
Removed extra linebreaks
...
Signed-off-by: snipe <snipe@snipe.net >
2022-02-17 14:50:38 -08:00
67fe53e32a
Removed debugging, added comments
...
Signed-off-by: snipe <snipe@snipe.net >
2022-02-17 14:50:07 -08:00
7f6b8cc43d
Removed carbon, since we went with PHP's datetime instead
...
Signed-off-by: snipe <snipe@snipe.net >
2022-02-17 14:48:12 -08:00
5fe999eb02
Shored up the date math, updated the explanation
...
Signed-off-by: snipe <snipe@snipe.net >
2022-02-17 14:34:33 -08:00
ea429d650e
Initial audit date fix
...
Signed-off-by: snipe <snipe@snipe.net >
2022-02-16 20:19:38 -08:00
398180dc59
Small merge unmagling
...
Signed-off-by: snipe <snipe@snipe.net >
2021-12-16 14:38:04 -08:00
c3d55ee27e
Merge master down into develop
...
Signed-off-by: snipe <snipe@snipe.net >
# Conflicts:
# .all-contributorsrc
# README.md
# app/Exceptions/Handler.php
# app/Http/Controllers/Api/AssetsController.php
# app/Http/Controllers/Api/SettingsController.php
# app/Http/Controllers/CustomFieldsController.php
# app/Http/Controllers/SettingsController.php
# app/Http/Transformers/AssetsTransformer.php
# app/Models/Setting.php
# config/version.php
# resources/lang/af/button.php
# resources/lang/ar/button.php
# resources/lang/bg/button.php
# resources/lang/cs/button.php
# resources/lang/cy/button.php
# resources/lang/da/button.php
# resources/lang/de/button.php
# resources/lang/el/button.php
# resources/lang/en-GB/button.php
# resources/lang/en-ID/button.php
# resources/lang/es-CO/admin/groups/message.php
# resources/lang/es-MX/button.php
# resources/lang/et/admin/custom_fields/general.php
# resources/lang/et/admin/hardware/table.php
# resources/lang/et/admin/kits/general.php
# resources/lang/et/admin/manufacturers/message.php
# resources/lang/et/admin/models/general.php
# resources/lang/et/admin/settings/general.php
# resources/lang/et/button.php
# resources/lang/et/mail.php
# resources/lang/fa/button.php
# resources/lang/fa/help.php
# resources/lang/fi/button.php
# resources/lang/fil/button.php
# resources/lang/fr/button.php
# resources/lang/ga-IE/button.php
# resources/lang/he/button.php
# resources/lang/hr/button.php
# resources/lang/hu/admin/settings/general.php
# resources/lang/hu/auth/message.php
# resources/lang/hu/button.php
# resources/lang/hu/mail.php
# resources/lang/id/admin/hardware/table.php
# resources/lang/id/button.php
# resources/lang/it/button.php
# resources/lang/iu/button.php
# resources/lang/ja/button.php
# resources/lang/ko/button.php
# resources/lang/lt/button.php
# resources/lang/lv/button.php
# resources/lang/mi/button.php
# resources/lang/mk/button.php
# resources/lang/ml-IN/button.php
# resources/lang/mn/button.php
# resources/lang/ms/admin/hardware/table.php
# resources/lang/ms/admin/kits/general.php
# resources/lang/ms/admin/models/general.php
# resources/lang/ms/admin/models/message.php
# resources/lang/ms/admin/settings/general.php
# resources/lang/ms/button.php
# resources/lang/nl/button.php
# resources/lang/no/admin/hardware/table.php
# resources/lang/no/admin/kits/general.php
# resources/lang/no/admin/settings/general.php
# resources/lang/no/auth/message.php
# resources/lang/no/button.php
# resources/lang/no/help.php
# resources/lang/no/mail.php
# resources/lang/pl/button.php
# resources/lang/pt-BR/button.php
# resources/lang/pt-PT/auth/message.php
# resources/lang/pt-PT/button.php
# resources/lang/pt-PT/mail.php
# resources/lang/ro/button.php
# resources/lang/ru/admin/settings/general.php
# resources/lang/ru/button.php
# resources/lang/ru/help.php
# resources/lang/sl/admin/custom_fields/general.php
# resources/lang/sl/admin/hardware/table.php
# resources/lang/sl/admin/kits/general.php
# resources/lang/sl/admin/manufacturers/message.php
# resources/lang/sl/admin/models/general.php
# resources/lang/sl/admin/settings/general.php
# resources/lang/sl/admin/users/general.php
# resources/lang/sl/auth/message.php
# resources/lang/sl/button.php
# resources/lang/sl/help.php
# resources/lang/sr-CS/button.php
# resources/lang/ta/button.php
# resources/lang/th/button.php
# resources/lang/th/mail.php
# resources/lang/tl/button.php
# resources/lang/tr/admin/settings/general.php
# resources/lang/tr/auth/message.php
# resources/lang/tr/button.php
# resources/lang/uk/button.php
# resources/lang/ur-PK/button.php
# resources/lang/vi/button.php
# resources/lang/zh-CN/button.php
# resources/lang/zh-HK/button.php
# resources/lang/zh-TW/admin/hardware/table.php
# resources/lang/zh-TW/button.php
# resources/lang/zu/button.php
# resources/views/models/custom_fields_form.blade.php
# resources/views/reports/custom.blade.php
# resources/views/settings/slack.blade.php
2021-12-16 14:26:24 -08:00
dbdc1c7f3f
Update SettingsController.php to save Slack Settings
...
This goes with #10438 that I just submitted about Slack Settings not saving.
This adds the necessary code to actually save the Slack Settings,
As they are already validated by the SlackSettingsRequest, this seems like an easy and low-impact fix.
2021-12-15 10:38:51 -05:00
8fa690b635
Reverting form request because it doesn't seem to work (????!!)
...
Signed-off-by: snipe <snipe@snipe.net >
2021-12-08 17:54:15 -08:00
ebdbc20740
Adds stricter validation for slack endpoints
...
Signed-off-by: snipe <snipe@snipe.net >
2021-12-06 11:40:24 -08:00
