1. 04 Oct, 2021 1 commit
  2. 01 Oct, 2021 1 commit
  3. 24 Sep, 2021 2 commits
  4. 16 Sep, 2021 1 commit
    • Cédric Anne's avatar
      Ensure AJAX writing operations are using POST method (#9552) · b98a0445
      Cédric Anne authored
      * Use POST method for agent requests and fix response content-type
      
      * Ensure Gantt AJAX writing operations are using POST method
      
      * Ensure Kanban AJAX writing operations are using POST method
      
      * Ensure Reservation AJAX writing operations are using POST method
      b98a0445
  5. 15 Sep, 2021 2 commits
    • Alexandre Delaunay's avatar
      Merge pull request from GHSA-xx66-v3g5-w825 · 09213044
      Alexandre Delaunay authored
      
      
      * avoid view on ajax/telemetry without admin rights
      
      * fix install/update process
      Co-authored-by: default avatarCédric Anne <cedric.anne@gmail.com>
      09213044
    • Cédric Anne's avatar
      Merge pull request from GHSA-5qpf-32w7-c56p · 93750ead
      Cédric Anne authored
      * Protect ITIL document deletion against CSRF
      
      * Protect AJAX POST queries against CSRF
      
      * Keep CSRF token when used from AJAX query
      
      * Ensure marketplace writing actions are using POST
      
      * Ensure planning writing actions are using POST
      
      * Ensure datacenter writing actions are using POST
      
      * Ensure timeline writing actions are using POST
      
      * Ensure objectlock writing actions are using POST
      
      * Ensure dashboard writing actions are using POST
      
      * Ensure file uploads are using POST
      
      * Ensure kanban writing actions are using POST
      
      * Ensure cache reset operations are using POST
      93750ead
  6. 24 Aug, 2021 1 commit
  7. 23 Aug, 2021 1 commit
  8. 03 Aug, 2021 1 commit
  9. 26 Jul, 2021 1 commit
  10. 23 Jul, 2021 1 commit
  11. 22 Jul, 2021 1 commit
  12. 12 Jul, 2021 1 commit
  13. 05 Jul, 2021 1 commit
  14. 15 Jun, 2021 2 commits
  15. 09 Jun, 2021 1 commit
  16. 02 Jun, 2021 1 commit
  17. 19 May, 2021 1 commit
  18. 13 Apr, 2021 1 commit
  19. 11 Mar, 2021 1 commit
  20. 04 Mar, 2021 1 commit
  21. 02 Mar, 2021 3 commits
  22. 25 Jan, 2021 1 commit
    • Curtis Conard's avatar
      Kanban Phase 2 (Part 1) (#7928) · 402e00ad
      Curtis Conard authored
      
      
      * Some ES6 migration
      
      * Show card content preview on card title hover
      
      * Open card edit form in dialog
      
      * Card actions (Just delete for now)
      
      * Add icon to cards to identify type
      
      * Add Go To card action to open full form
      
      Opens the full item form as it previously did when clicking the card title.
      While the current behavior of opening the main form in a dialog when clicking the card title may be enough for a lot of cases, it is nice to have the option to go to the full form.
      
      * Implement Kanban rights class
      
      * Fix lint + Final commit for this PR
      
      * Apply suggestions from code review
      Co-authored-by: default avatarCédric Anne <cedric.anne@gmail.com>
      
      * Replace some Kanban rights references
      
      * Dark mode fixes
      
      * Convert Goto action to link
      
      * Fix clickable zone on links and links styling
      
      * Update ajax/kanban.php
      Co-authored-by: default avatarAlexandre Delaunay <delaunay.alexandre@gmail.com>
      
      * Remove slash before query params
      Co-authored-by: default avatarCédric Anne <cedric.anne@gmail.com>
      Co-authored-by: default avatarAlexandre Delaunay <delaunay.alexandre@gmail.com>
      402e00ad
  23. 22 Jan, 2021 1 commit
  24. 20 Jan, 2021 1 commit
    • Johan Cwiklinski's avatar
      Native inventory, based on JSON schema · 3a38ec5e
      Johan Cwiklinski authored
      Schema doc: https://github.com/glpi-project/inventory_format
      Can be overrided from a plugin to inventory its own types.
      
      Based on inventory features provided from fusioninventoryplugin, and
      compatible with
      
      New uUpgraded equipement rules to handle several itemtypes, add reset capacity
      Handle Phones inventories
      Add entites rules
      
      Locks management for fields and its tests:
      - Fields that have been updated from GLPI must not be modified from
      inventory, and inventory does not lock anything.
      - An icon is displayed in main item form only, even if all item types
      can be locked. Displaying on all forms would require to change each
      form individually (very huge work to copy a few lines of code).
      - All item types can be locked
      
      Overridable USB and PCI vendors list
      
      Network inventory
      
      Support for network equipments, stacked, wireless, VLANS,
      LLDP/CDP and MAC connections, hubs
      
      Add some missing fields in network tables
      
      Use withHistory and fix usages
      Check request mime type lowerca...
      3a38ec5e
  25. 07 Jan, 2021 1 commit
  26. 05 Jan, 2021 1 commit
  27. 04 Jan, 2021 2 commits
  28. 21 Dec, 2020 1 commit
  29. 04 Dec, 2020 1 commit
  30. 25 Nov, 2020 1 commit
    • Alexandre Delaunay's avatar
      Merge pull request from GHSA-pqfv-4pvr-55r4 · e0d6a24d
      Alexandre Delaunay authored
      validate itemtype before send data from getDropdownValue
      move idor functions to Session, and generalize idor checks to all ajax dropdowns
      add idor tokens to search engine
      idor token for getDropdownUsers now include right param
      improve idor mecanism to have more params to check
      add tests
      protect from idor also comments
      switch ajax/comments.php to itemtype param instead table param
      e0d6a24d
  31. 18 Nov, 2020 1 commit
  32. 29 Oct, 2020 1 commit
  33. 06 Oct, 2020 1 commit
  34. 05 Oct, 2020 1 commit