AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,796 Commits 6 Branches 15 Tags 166 MiB
Commit Graph

561 Commits

Author SHA1 Message Date
johnnyq 856a600993 Fixed send invoice/quote email redirects so they go back to the page you were last on 2022-05-17 13:50:54 -04:00
johnnyq bf34a2403a Minor UI cleanups add angle rights to menus that open new nav menus margin cleanups etc 2022-05-14 19:54:16 -04:00
johnnyq 4f2cff6fac More Archiving work, added entity_id to logs for future undo of archives in logs. 2022-05-14 18:14:02 -04:00
johnnyq 25589d38ce Fix Delete and Archive alerts 2022-05-14 13:06:09 -04:00
johnnyq 334766e567 Use toastr notifications and alerts instead dedupe alert feedback code 2022-05-14 13:03:03 -04:00
johnnyq 205c4e1bec Add Location Archive Functionality, do not allow archiving if location is primary, added undo location archive, some other cleanups 2022-05-14 11:44:48 -04:00
johnnyq 4f56f2efb3 Added more Descriptive Column titles and additonal cell spacing to contact templates 2022-05-13 15:17:23 -04:00
johnnyq 79df499ad3 Added Client Logins Import 2022-05-13 14:42:46 -04:00
johnnyq 08a669e3bb Added location import capability, cleaned up some import wording, renamed clean_file_name function to just strto_AZaz09 and clean export and sample csv client names 2022-05-13 13:29:03 -04:00
johnnyq 74cf007ef3 Cleanup importing assets along with duplication fix from previous commit 2022-05-13 12:24:43 -04:00
johnnyq fdc42ef5cf Fixed issue with importing contacts when a duplicate was detected it would stop importing the rest of the rows that were not duplicates 2022-05-13 12:19:51 -04:00
johnnyq 7b0e4e7741 Fixed contacts not importing if location was left blank 2022-05-13 12:12:44 -04:00
johnnyq 8b5f8547c4 Added Contact Import Capabilities and fixed some undefined vars 2022-05-13 11:53:17 -04:00
Marcus Hill fc3b83d43a Allow for tickets to be unassigned after being assigned to an agent. 
Hide accountants from ticket assignment list on ticket.php.
 2022-05-11 20:27:18 +01:00
johnnyq 0ac9143e47 Do no show archived clients under clients, add archive client, add undo archive client 2022-05-07 20:15:13 -04:00
johnnyq c38f2378ea Updated Delete Client to delete all associated data 2022-05-07 17:37:38 -04:00
johnnyq 5044dc6084 Properly delete everything related to a company when deleting a company 2022-05-07 16:46:50 -04:00
johnnyq 463fcdbe4f Fixed adding new company 2022-05-07 15:42:17 -04:00
Marcus Hill 5cbd0fad0d Move role validation to functions.php 2022-05-07 17:25:30 +01:00
Marcus Hill b2c0994577 Add CSRF Token validation for API key create/delete 2022-05-07 16:56:55 +01:00
Marcus Hill f4537ac80a Remove remaining instances of updating *updated_at - SQL DB does this now for us automatically 2022-05-07 16:39:34 +01:00
johnnyq 42f98479e7 Fixed Issue where if server had an IP client PDF Export would not work #395 2022-05-05 10:55:04 -04:00
Johnny 5e4870df90
Merge branch 'master' into csrf 2022-05-02 11:31:42 -04:00
Marcus Hill 61777116a9 CSRF Token 
Upon login, issue the user a CSRF token (in their session). This token should be provided when completing sensitive actions (e.g. deleting companies/clients, changing their password, etc.)

Ref: https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#synchronizer-token-pattern
 2022-05-01 18:43:53 +01:00
johnnyq 0641b0bfd4 Completely remove the last bits of departments 2022-04-29 16:50:25 -04:00
johnnyq 7b35431021 Remove Departments table and remove it from the client side nav, takes up too much space, added it as a text input on contact add/edit instead 2022-04-29 16:39:15 -04:00
johnnyq d5922b25a9 Updated Licence Type var under client export pdf 2022-04-29 12:11:57 -04:00
johnnyq ba57078810 Created Sanitize file name function to fix issues with exporting PDF Documentation with clients having ' in the name ex ben's 2022-04-29 11:54:50 -04:00
johnnyq ca5ba0c6d2 Removed , before WHERE statement Fixed Edit Client 2022-04-29 11:21:46 -04:00
johnnyq 6310ef5aae Added Rename and Delete folder capabilities to documents and some minor UI cleanup 2022-04-27 22:31:15 -04:00
johnnyq 0fb4ff17a3 Removed the last bits of Document Tagging 2022-04-27 01:03:01 -04:00
johnnyq 1b866b75cd Added Folder support to Client Documents, partially removed legacy document tagging 2022-04-27 00:53:45 -04:00
Marcus Hill 013b153078 Remove created_at DB references - these are automatic now 2022-04-24 12:24:00 +01:00
Marcus Hill a792498b5b Add IP/User agent to all logs 2022-04-24 12:13:07 +01:00
Marcus Hill 13c12dad3a Remove log_created_at now references, as this is now automatic 2022-04-24 11:52:16 +01:00
Marcus Hill 4dd5aa1ea2 Add IP address logging to document create/update/deletes 2022-04-24 10:12:59 +01:00
Marcus Hill f5f033fed4 Remove MeshCentral integration 
As per recent discussions about the API & scripts being a better way forward for all integration, removing the MeshCentral integration that was added.
 2022-04-19 22:42:38 +01:00
Marcus Hill e55622827d Add support for client-specific API keys 
Refactoring API. Added a contact update endpoint.
Small misc changes.
 2022-04-15 17:43:06 +01:00
Marcus Hill fca1627c33 Remove delete user post.php code. Deleting users means we'll lose all tickets/replies which isn't great. 
Correct user archive behaviour so when users are archived they can no longer login. Need to add ability for quick disable/enable of user accounts, as using archive as permanent.
Refactor "You are not permitted to do that!" wording into a constant instead.
 2022-04-15 13:29:27 +01:00
Marcus Hill f707098d37 Redirect to ticket after creation 2022-04-15 12:02:13 +01:00
Marcus Hill 6aa06b4389 Add full text index & search for document contents (related to #440) 2022-04-15 11:42:50 +01:00
johnnyq fd8188095e New Feature Enable/Disable ITFlow Modules now using the automated DB updater 2022-04-14 22:59:36 -04:00
Marcus Hill ca629801af Change all "AND" / "OR" to && / || 2022-04-14 18:40:51 +01:00
Marcus Hill cc4c2e6bf7 - Enforce role check when editing/deleting scheduled tickets 
- Add scheduled tickets to client view
- Add search and pagination to scheduled tickets
- Populate scheduled ticket edit modals dynamically
- Minor typos
 2022-04-10 13:42:47 +01:00
Marcus Hill 815ada9da5 Add agent name when reassigning ticket, improve logic to only allow assigning open tickets to techs/admins 2022-04-07 21:37:14 +01:00
johnnyq a0cead284f Fix Add Payment Email Currency Symbol 2022-04-05 11:56:22 -04:00
johnnyq fdf9d67910 Allow to Add Ticket to an exiting invoice item line 2022-04-02 20:50:55 -04:00
johnnyq a837af6eb4 Fixed Invoice Ticket 2022-04-02 20:13:20 -04:00
Johnny f6df0d3c72
Merge pull request #429 from wrongecho/db-version 
Add database updater
 2022-04-02 16:04:18 -04:00
johnnyq ef29a17d49 DB Structure Update - Added SMTP Encryption Type to Mail settings 2022-04-02 16:03:30 -04:00
Marcus Hill 9096b091b2 Add database updater 2022-04-02 19:39:55 +01:00
Johnny 32f3b0a005
Merge pull request #428 from wrongecho/sharing 
Item/Link Sharing enhancements
 2022-04-02 13:57:12 -04:00
Johnny f85957bd0d
Merge pull request #427 from wrongecho/dom-ssl 
Domains/SSL
 2022-04-02 11:48:39 -04:00
Marcus Hill 2c632a85d0 Create shared links page for each client, with option to deactivate links 2022-04-02 16:41:07 +01:00
Marcus Hill cab2cc923a Improve share features: default modal to 1, cleanup expired/used links 2022-04-02 15:37:17 +01:00
Marcus Hill be70883551 Refactor WHOIS lookups to use hosted heroku app 2022-04-02 12:19:35 +01:00
Marcus Hill 6a2fe3055e Auto-add SSL certificate for new domains 2022-04-02 10:16:20 +01:00
johnnyq a2936754cd Moved Mesh Central and Azure settings from general to its own tab called integrations 2022-04-01 17:20:29 -04:00
johnnyq 991e2bd4d4 Merge branch 'master' of github.com:johnnyq/itflow 2022-04-01 15:59:26 -04:00
johnnyq 6866addeee Minor Fixups 2022-04-01 15:58:18 -04:00
Marcus Hill 51a6ba6084 Allow admins to disable 2FA for users 2022-04-01 19:53:49 +01:00
johnnyq 8c98163e1c DB Structure Updated 2 new settings config_backup_enable and config_backup_path. This is to fix an issue where not specifying the full backup path would cause cron to error out and not run completely 2022-03-29 12:59:42 -04:00
Marcus Hill 0020c5708a Fix = vs == role check mistake 2022-03-28 21:48:20 +01:00
Marcus Hill 4ba313f752 Fix potential sql injection in delete_file if param add_location was also specified - post.php 2022-03-28 20:45:31 +01:00
Marcus Hill d83906508d Fix potential sql injection in add_company - post.php 2022-03-28 20:39:35 +01:00
Marcus Hill bba68f4d17 Name uploaded files with provided name, if specified 2022-03-27 23:00:45 +01:00
Marcus Hill 9040fdf847 Misc small changes/fixes 2022-03-27 22:26:22 +01:00
Johnny aafb6a677f
Merge pull request #412 from wrongecho/misc 
Misc incl SQL Injection / XSS fixes
 2022-03-27 15:05:07 -04:00
Marcus Hill 816ba87485 SQL Injection / XSS fixes 2022-03-27 20:02:16 +01:00
Marcus Hill c3fadfab3b Add role based access for API functions 2022-03-27 16:03:41 +01:00
Marcus Hill a6a7bf1f30 Restrict user (agent) create/edit/delete actions to admins only 2022-03-27 15:39:27 +01:00
Marcus Hill e6a314d233 Prevent tech/accountant from performing certain tasks as per access matrix 2022-03-27 15:32:40 +01:00
johnnyq 139bb6fd73 Set item_view to 0 when sharing a link 2022-03-26 11:10:27 -04:00
johnnyq 25f973d3a5 Additional Standardization of logging actions use Upload instead of Uploaded same with Download and Email 2022-03-26 10:27:11 -04:00
johnnyq 5f451dceef Standardize logging actions use Create instead of Created same with Modify and Delete 2022-03-26 10:12:40 -04:00
Marcus Hill e4d2d0c699 Prevent deletion of client unless user role is 3 (admin) 2022-03-24 20:52:26 +00:00
Marcus Hill fd589c53fa Delete scheduled tickets when client is deleted 2022-03-24 20:45:58 +00:00
Marcus Hill a598e9d42e Remove non-existant delete query that prevents client being deleted properly on some installs 2022-03-24 20:41:26 +00:00
Joe Clark 654b7adf6c Initialize variable to avoid PHP undefined error 2022-03-22 13:07:11 -07:00
Marcus Hill 34d6caa016 Client portal updates 2022-03-20 16:02:58 +00:00
Marcus Hill 3a6b893f4f Attempt to parse the expiry date for .com/.org/.net domains - hacky 2022-03-13 10:28:17 +00:00
Marcus Hill ead895aad5 Fetch A record details for domain when added 2022-03-13 09:32:08 +00:00
johnnyq 928af1d90d Added Ticket to Invoice functionality Thanks @aftechro 2022-03-11 20:24:03 -05:00
Marcus Hill e1a419ea11 Refactor domains modals so they are dyanmically populated. Implement basic NS, MX and WHOIS scraping for domains on add/edit 2022-03-07 22:31:19 +00:00
johnnyq d7fd8cc736 Fix invoice to recurring sent to wrong destination 2022-03-04 14:38:53 -05:00
johnnyq d4a63c14c3 DB Updated removed history_date from history table as this is redundant with history_created_at 2022-03-04 00:41:34 -05:00
johnnyq 165bd572a9 DB Update added contact_id to files, documents and logins Added Related Items Modal to Client Contacts still more work to do 2022-03-04 00:24:58 -05:00
johnnyq ecb628cad8 Fix Add Software 2022-03-03 23:28:16 -05:00
Marcus Hill bf909a71f8 Fix HTML Purifier removing images 2022-03-02 20:23:19 +00:00
johnnyq dec7f9be67 When Deleting software delete the relations asset licneses and user licneses. Fix post issue on adding software with defined asset or user licenses 2022-03-02 12:13:54 -05:00
Marcus Hill 8fcb854e91 Storing the secret in plaintext so we can use it during cron eventually 2022-02-26 21:59:01 +00:00
Marcus Hill e4dc22a0ce Add functionality to pull/sync assets & info from MeshCentral 2022-02-26 21:51:37 +00:00
johnnyq 79afb05298 Merge branch 'master' of github.com:johnnyq/itflow 2022-02-26 11:16:57 -05:00
johnnyq 112efbc314 DB Update tip_user_id added to the trips tables. Updated Trips to include the driver. WIP limit users to the session_company 2022-02-26 11:16:33 -05:00
Marcus Hill 0fac1f3039 Move ajax logic to ajax.php 2022-02-26 11:16:53 +00:00
Johnny 3bd79635ec
Merge pull request #376 from wrongecho/cert-parse 
SSL Parse - escape issued_by
 2022-02-24 15:42:58 -05:00
Marcus Hill 9837549fac Escape certificate issuer when parsed from public key, values like [Let's Encrypt] break it otherwise 2022-02-24 20:27:03 +00:00
Marcus Hill ee2d9e1b08 Dynamically load certificate edit modal with ajax, fix certificate details fetch error 2022-02-24 16:03:00 +00:00
johnnyq 3b615d2f3a UI updates mainly icon swaps etc 2022-02-22 14:41:48 -05:00
johnnyq a724807782 DB Structure Update - Added Extension to contact on export PDF, finished contact departments 2022-02-22 13:14:17 -05:00