snipe-it

mirror of https://github.com/snipe/snipe-it.git synced 2026-02-06 09:55:40 +00:00

Author	SHA1	Message	Date
snipe	03116f5ece	Fixed tests	2025-12-17 16:16:58 +00:00
snipe	40e754b8c3	Additional criteria for the canEditAuthFields gate Signed-off-by: snipe <snipe@snipe.net>	2025-07-18 16:03:22 +01:00
snipe	66842648ed	Removed debugging Signed-off-by: snipe <snipe@snipe.net>	2025-07-18 13:17:10 +01:00
snipe	ca4d3f6bce	Changed gate name, removed debugging Signed-off-by: snipe <snipe@snipe.net>	2025-07-18 12:45:32 +01:00
snipe	a0d2cb8a03	Clearer (if longer) gate name Signed-off-by: snipe <snipe@snipe.net>	2025-07-17 20:47:20 +01:00
snipe	d9a5452388	Defined new gates Signed-off-by: snipe <snipe@snipe.net>	2025-07-17 20:12:10 +01:00
snipe	0a29e90701	Smal improvements to scoping displays Signed-off-by: snipe <snipe@snipe.net>	2025-04-30 15:24:42 +01:00
snipe	7b930357e4	Cast years to int Signed-off-by: snipe <snipe@snipe.net>	2025-02-22 10:51:27 +00:00
snipe	b45a8f4b5f	Added reporting-only access for selectlists Signed-off-by: snipe <snipe@snipe.net>	2024-08-12 20:44:17 +01:00
snipe	c752c2a125	Make the passport cookie name configurable Signed-off-by: snipe <snipe@snipe.net>	2024-07-22 14:22:19 +01:00
snipe	4ac4f9b0a9	Customize cookie name Signed-off-by: snipe <snipe@snipe.net>	2024-07-22 14:17:16 +01:00
snipe	09abcb44bb	Remove cookie serialization Signed-off-by: snipe <snipe@snipe.net>	2024-07-22 13:49:47 +01:00
snipe	2b43f3cb84	Added gate to auth service provider Signed-off-by: snipe <snipe@snipe.net>	2024-06-24 14:02:40 +01:00
Brady Wetherington	3f5c5cbe82	Merge branch 'develop' into snipeit_v7_laravel10	2024-04-24 16:24:43 +01:00
snipe	0d23d28a65	Added comments Signed-off-by: snipe <snipe@snipe.net>	2024-04-11 15:15:56 +01:00
Brady Wetherington	daed0b60bc	Merge branch 'develop' into snipeit_v7_laravel10	2023-07-31 19:40:56 +01:00
Brady Wetherington	4654f7aa37	Porting Snipe-IT v7 to Laravel v10	2023-07-31 14:07:12 +01:00
Ivan Nieto Vivanco	705411eb4d	Create the Gate that goes with the permission	2023-07-19 19:44:59 -06:00
Marcus Moore	23a1b2d60a	Register the consumables.files ability	2023-01-17 17:15:23 -08:00
Marcus Moore	6c89f08193	Register the accessories.files ability and allow users with the ability to upload files for accessories	2023-01-17 16:59:50 -08:00
Marcus Moore	e23ee7540d	Register the components.files ability	2023-01-17 15:45:40 -08:00
Ivan Nieto Vivanco	b142f8e012	Add the permission to show purchase cost column to non-admin sessions	2022-12-14 23:00:35 -06:00
snipe	dcab1381e7	Check for licenses.files permissions Signed-off-by: snipe <snipe@snipe.net>	2022-09-16 14:00:27 -07:00
snipe	b876d0abb0	Merge remote-tracking branch 'origin/master' into develop Signed-off-by: snipe <snipe@snipe.net> # Conflicts: # .env.example # app/Http/Controllers/Auth/LoginController.php # app/Http/Kernel.php # app/Http/Transformers/ActionlogsTransformer.php # app/Importer/AssetImporter.php # app/Models/Accessory.php # app/Models/Consumable.php # app/Presenters/AccessoryPresenter.php # app/Presenters/ComponentPresenter.php # app/Presenters/ConsumablePresenter.php # app/Providers/AuthServiceProvider.php # composer.json # composer.lock # config/app.php # config/cors.php # config/version.php # package-lock.json # public/js/build/app.js # public/js/build/app.js.LICENSE.txt # public/js/dist/all.js # public/mix-manifest.json # resources/views/accessories/view.blade.php # resources/views/consumables/view.blade.php # resources/views/settings/saml.blade.php # routes/api.php	2022-03-03 21:59:38 -08:00
snipe	2eef43e8bf	Applies develop fix to master for location drop downs	2022-03-01 12:43:35 -08:00
Andrew Roth	2e60420aeb	Fix for location and model drop down with granular permissions.	2022-02-28 17:38:38 -05:00
snipe	dd5f812d88	Merge remote-tracking branch 'origin/master' into develop Signed-off-by: snipe <snipe@snipe.net> # Conflicts: # .all-contributorsrc # README.md # app/Console/Commands/FixDoubleEscape.php # app/Console/Commands/LdapSync.php # app/Exceptions/Handler.php # app/Http/Controllers/Api/AssetMaintenancesController.php # app/Http/Controllers/Api/AssetModelsController.php # app/Http/Controllers/Api/AssetsController.php # app/Http/Controllers/Api/CategoriesController.php # app/Http/Controllers/Api/CompaniesController.php # app/Http/Controllers/Api/DepartmentsController.php # app/Http/Controllers/Api/LicensesController.php # app/Http/Controllers/Api/LocationsController.php # app/Http/Controllers/Api/ManufacturersController.php # app/Http/Controllers/Api/SettingsController.php # app/Http/Controllers/Api/SuppliersController.php # app/Http/Controllers/AssetModelsController.php # app/Http/Controllers/Auth/LoginController.php # app/Http/Controllers/CustomFieldsController.php # app/Http/Controllers/SettingsController.php # app/Models/Loggable.php # app/Providers/AuthServiceProvider.php # config/version.php # database/migrations/2014_11_04_231416_update_group_field_for_reporting.php # database/migrations/2015_11_08_222305_add_ldap_fields_to_settings.php # package-lock.json # package.json # public/js/build/app.js # public/js/dist/all.js # public/mix-manifest.json # resources/assets/js/components/forms/asset-models/fieldset-default-values.vue # resources/views/hardware/view.blade.php	2022-02-20 13:29:12 -08:00
snipe	d6b8222371	Refactor to combine permissions Signed-off-by: snipe <snipe@snipe.net>	2022-02-11 12:48:30 -08:00
snipe	2c5abaaea4	Fixed copypasta Signed-off-by: snipe <snipe@snipe.net>	2022-02-11 12:32:09 -08:00
snipe	c1a0653847	Restrict to update or create gate methods for select lists Signed-off-by: snipe <snipe@snipe.net>	2022-02-11 12:31:11 -08:00
snipe	9226c8292d	Fixed typos in comments Signed-off-by: snipe <snipe@snipe.net>	2022-02-11 12:02:14 -08:00
snipe	5fafa81dc1	Forgot components Signed-off-by: snipe <snipe@snipe.net>	2022-02-11 11:57:29 -08:00
snipe	b30d1dce89	Removed selectlist Signed-off-by: snipe <snipe@snipe.net>	2022-02-11 11:55:24 -08:00
snipe	2dad27eed6	Added additional gate for selectlists Signed-off-by: snipe <snipe@snipe.net>	2022-02-11 11:46:14 -08:00
Laravel Shift	934afa036f	Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200	2021-06-10 20:15:52 +00:00
snipe	a48d09f37e	Fixed non-superadmin gate permissions for kits (#9029 )	2021-01-26 11:56:42 -08:00
snipe	5abfbdd1d2	Allow API token expiration in years to be configured via env	2020-11-09 22:52:55 -08:00
snipe	460485d843	Make API tokens expire in 20 years TODO: Make this configurable and report the expiration in the UI	2020-11-09 22:33:43 -08:00
snipe	296de34e8a	WIP: Upgrade develop to Laravel 6.6.1 (#7637 ) I'm going ahead and merging this, since the upgrade doesn't break Flysystem any worse than the current develop is broken, so far as I can tell. * Upgraded framework to Laravel 6 ### TO DO: - Fix password restriction rules- the old library isn’t compatible with Laravel 6 :( - Figure out why in-app API calls are returning “Unauthorized” * More updates from Input:: to Request:: helper * Switch to Request:: from Input * Added passport config * Fixed goofy password minimum in seeder * Added laravel/helpers * Changed ($item) to ($item->id) in forms I have no idea why this is necessary * Changed ($item) to ($item->id) in forms * Updated API middleware to auth:api * Updated with added laravel auth.php values * FIxed &!^$%^&$^%!!!! ajax issue Switch to Request::get from Input::get * Switched to Request facade * Added password security minimums back in The package we were using has not been updated to Laravel v6, so I created custom validators instead * Added language strings for error messages for password rules * Fixed `($item)` issue in formActions for partials	2019-12-10 19:32:50 -08:00
snipe	bca82684a1	Merge branch 'hotfixes/2fa_qr' into develop # Conflicts: # .all-contributorsrc # Dockerfile # README.md # app/Console/Commands/LdapSync.php # app/Http/Controllers/Api/ImportController.php # app/Http/Controllers/AssetModelsController.php # app/Http/Controllers/Assets/AssetsController.php # app/Http/Controllers/Auth/LoginController.php # app/Http/Controllers/CategoriesController.php # app/Http/Controllers/CompaniesController.php # app/Http/Controllers/DepartmentsController.php # app/Http/Controllers/ImportsController.php # app/Http/Controllers/LocationsController.php # app/Http/Controllers/ManufacturersController.php # app/Http/Controllers/SuppliersController.php # app/Http/Requests/ItemImportRequest.php # app/Http/Transformers/ActionlogsTransformer.php # composer.json # composer.lock # config/app.php # config/version.php # docker/startup.sh # public/css/build/all.css # public/css/dist/all.css # public/js/build/all.js # public/js/build/vue.js # public/js/build/vue.js.map # public/js/dist/all.js # public/mix-manifest.json	2019-03-20 02:17:02 -07:00
snipe	7b33f95e83	Fixes/import permissions mask (#6826 ) * Check for empty headers in import * Added import permission * Fixed model path in docblock * Added import gate to default blade * Check if the user is an admin OR idf they have import permissions * Walked back that admin permission Since admins are bound by full company support, it makes less sense to let admins have this permission by default, versus having them specifically designated to the import permission	2019-03-18 11:58:08 -07:00
Martin Meredith	e3e0d57f56	Minor code cleanup bits and bobs (#6805 ) * Add IDE Helper files * Cleanup imports - Alphabetises imports - Removes unused imports * Add Platform requirements * Move filling asset into block where asset exists * Remove duplicate array keys	2019-03-13 20:12:03 -07:00
snipe	e4f6aefdad	Added self-checkout permission option	2018-08-21 23:26:12 -07:00
snipe	376eb52f00	Fixed #5938 - added “self location edit” as permission	2018-07-24 12:42:16 -07:00
Till Deeke	27699aa99c	Adds permission checks for custom fields and custom fieldsets (#5645 ) (#5795 ) * adds permission checks to custom fields * adds permission checks to custom fieldsets * adds separate permissions for custom fieldsets * check for permissions in views * Removes custom fieldsets from permissions config * Proxy the authorization for custom fieldsets down to custom fields. This allows us to use the existing permissions in use and have more semantically correct authorization checks for custom fieldsets. * simplifies the authorization check for the custom fields overview * removes special handling of custom fieldsets in base policy I just realised that this code duplicates the logic from the custom fieldset policy. Since we are checking for the authorization of custom fields anyway, we can just use the columnName for the fields. * cleanup of unused imports	2018-07-12 18:28:20 -07:00
snipe	1d130b4a89	Fixed asset model permission not granted for edit	2018-03-07 18:22:49 -08:00
snipe	c4db8d37c2	Fixed #5168 - users without superadmin could not see custom fields UI even if granted	2018-03-07 13:37:37 -08:00
Daniel Meltzer	9ee2c6be57	Api tests2 (#5098 ) * Cleanup * API tests for asset models and related cleanup/improvements * Api license test. Tests incomplete because create/update/destroy are not implemented yet in the controller * API Category tests. * Manufacturers API Test. * Implement License Create/Update/Delete Methods for API and enable test. * Add missing gate for api. Fixes only superadmins being able to generate Personal Access Toekns	2018-02-25 12:10:02 -08:00
snipe	c242abb42e	Added Company policy to fix company deletion issue	2018-01-19 17:51:28 -08:00
snipe	defed52caa	Fixed #4596 - manufacturer gate	2017-12-07 20:59:55 -08:00

1 2

70 Commits