Merge remote-tracking branch 'origin/develop'

# Conflicts:
#	config/version.php

Author: snipe

app/Http/Controllers/Auth/SamlController.php

@@ -53,8 +53,10 @@ public function metadata(Request $request)
         if (empty($metadata)) {
             return response()->view('errors.403', [], 403);
         }
-
-        return response($metadata)->header('Content-Type', 'text/xml');
+    
+        return response()->streamDownload(function () use ($metadata) {
+            echo $metadata;
+        }, 'snipe-it-metadata.xml', ['Content-Type' => 'text/xml']);
     }
 
     /**

app/Http/Kernel.php

@@ -38,6 +38,7 @@ class Kernel extends HttpKernel
             \App\Http\Middleware\CheckLocale::class,
             \App\Http\Middleware\CheckForTwoFactor::class,
             \Laravel\Passport\Http\Middleware\CreateFreshApiToken::class,
+            \App\Http\Middleware\AssetCountForSidebar::class,
         ],
 
         'api' => [

app/Http/Middleware/AssetCountForSidebar.php

@@ -0,0 +1,33 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Auth;
+use App\Models\Asset;
+use Closure;
+
+class AssetCountForSidebar
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        $total_rtd_sidebar = Asset::RTD()->count();
+        $total_deployed_sidebar = Asset::Deployed()->count();
+        $total_archived_sidebar = Asset::Archived()->count();
+        $total_pending_sidebar = Asset::Pending()->count();
+        $total_undeployable_sidebar = Asset::Undeployable()->count();
+        view()->share('total_rtd_sidebar', $total_rtd_sidebar);
+        view()->share('total_deployed_sidebar', $total_deployed_sidebar);
+        view()->share('total_archived_sidebar', $total_archived_sidebar);
+        view()->share('total_pending_sidebar', $total_pending_sidebar);
+        view()->share('total_undeployable_sidebar', $total_undeployable_sidebar);
+
+        return $next($request);
+    }
+}

app/Http/Requests/SettingsSamlRequest.php

@@ -70,22 +70,27 @@ public function withValidator($validator)
                 ]);
 
                 $csr = openssl_csr_new($dn, $pkey, ['digest_alg' => 'sha256']);
-                
-                $x509 = openssl_csr_sign($csr, null, $pkey, 3650, ['digest_alg' => 'sha256']);
 
-                openssl_x509_export($x509, $x509cert);
-                openssl_pkey_export($pkey, $privateKey);
+                if ($csr) {
 
-                $errors = [];
-                while (($error = openssl_error_string() !== false)) {
-                    $errors[] = $error;
-                }
-    
-                if (!(empty($x509cert) && empty($privateKey))) {
-                    $this->merge([
-                        'saml_sp_x509cert' => $x509cert,
-                        'saml_sp_privatekey' => $privateKey,
-                    ]);
+                    $x509 = openssl_csr_sign($csr, null, $pkey, 3650, ['digest_alg' => 'sha256']);
+
+                    openssl_x509_export($x509, $x509cert);
+                    openssl_pkey_export($pkey, $privateKey);
+
+                    $errors = [];
+                    while (($error = openssl_error_string() !== false)) {
+                        $errors[] = $error;
+                    }
+        
+                    if (!(empty($x509cert) && empty($privateKey))) {
+                        $this->merge([
+                            'saml_sp_x509cert' => $x509cert,
+                            'saml_sp_privatekey' => $privateKey,
+                        ]);
+                    }
+                } else {
+                    $validator->errors()->add('saml_integration', 'openssl.cnf is missing/invalid');
                 }
             }
 

app/Models/User.php

@@ -70,6 +70,7 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
      * @var array
      */
 
+    // 'username' => 'required|string|min:1|unique:users,username,NULL,id,deleted_at,NULL',
     protected $rules = [
         'first_name'              => 'required|string|min:1',
         'username'                => 'required|string|min:1|unique_undeleted',

app/Services/Saml.php

@@ -5,6 +5,7 @@
 use OneLogin\Saml2\Auth as OneLogin_Saml2_Auth;
 use OneLogin\Saml2\IdPMetadataParser as OneLogin_Saml2_IdPMetadataParser;
 use OneLogin\Saml2\Settings as OneLogin_Saml2_Settings;
+use OneLogin\Saml2\Utils as OneLogin_Saml2_Utils;
 use App\Models\Setting;
 use App\Models\User;
 use Exception;
@@ -153,6 +154,9 @@ private function loadSettings()
         $this->_enabled = $setting->saml_enabled == '1';
 
         if ($this->isEnabled()) {
+            //Let onelogin/php-saml know to use 'X-Forwarded-*' headers if it is from a trusted proxy
+            OneLogin_Saml2_Utils::setProxyVars(request()->isFromTrustedProxy());
+
             data_set($settings, 'sp.entityId', url('/'));
             data_set($settings, 'sp.assertionConsumerService.url', route('saml.acs'));
             data_set($settings, 'sp.singleLogoutService.url', route('saml.sls'));

config/version.php

@@ -1,10 +1,10 @@
 <?php
 return array (
-  'app_version' => 'v5.0.7',
-  'full_app_version' => 'v5.0.7 - build 5615-g6eb860ca2',
-  'build_version' => '5615',
+  'app_version' => 'v5.0.8',
+  'full_app_version' => 'v5.0.8 - build 5616-8a38b9d',
+  'build_version' => '5616',
   'prerelease_version' => '',
-  'hash_version' => 'g6eb860ca2',
-  'full_hash' => 'v5.0.7-87-g6eb860ca2',
+  'hash_version' => '8a38b9d',
+  'full_hash' => 'v5.0.8-87-8a38b9d',
   'branch' => 'master',
 );

resources/lang/en/admin/settings/general.php

@@ -125,6 +125,7 @@
     'saml_sp_acs_url'           => 'Assertion Consumer Service (ACS) URL',
     'saml_sp_sls_url'           => 'Single Logout Service (SLS) URL',
     'saml_sp_x509cert'          => 'Public Certificate',
+    'saml_sp_metadata_url'      => 'Metadata URL',
     'saml_idp_metadata'         => 'SAML IdP Metadata',
     'saml_idp_metadata_help'    => 'You can specify the IdP metadata using a URL or XML file.',
     'saml_attr_mapping_username' => 'Attribute Mapping - Username',

resources/views/layouts/default.blade.php

@@ -403,46 +403,52 @@
                 </a>
                 <ul class="treeview-menu">
                   <li>
-                    <a href="{{ url('hardware') }}">
+                      <a href="{{ url('hardware') }}">
+                          <i class="fa fa-circle-o text-grey" aria-hidden="true"></i>
                         {{ trans('general.list_all') }}
                     </a>
                   </li>
 
-                    <?php $status_navs = \App\Models\Statuslabel::where('show_in_nav', '=', 1)->get(); ?>
+                    <?php $status_navs = \App\Models\Statuslabel::where('show_in_nav', '=', 1)->withCount('assets as asset_count')->get(); ?>
                     @if (count($status_navs) > 0)
-                        <li class="divider">&nbsp;</li>
                         @foreach ($status_navs as $status_nav)
-                            <li><a href="{{ route('statuslabels.show', ['statuslabel' => $status_nav->id]) }}"}> {{ $status_nav->name }}</a></li>
+                            <li><a href="{{ route('statuslabels.show', ['statuslabel' => $status_nav->id]) }}"><i class="fa fa-circle text-grey" aria-hidden="true"></i> {{ $status_nav->name }} ({{ $status_nav->asset_count }})</a></li>
                         @endforeach
                     @endif
 
 
                   <li{!! (Request::query('status') == 'Deployed' ? ' class="active"' : '') !!}>
-                    <a href="{{ url('hardware?status=Deployed') }}"><i class="fa fa-circle-o text-blue"></i>
+                    <a href="{{ url('hardware?status=Deployed') }}">
+                        <i class="fa fa-circle-o text-blue"></i>
                         {{ trans('general.all') }}
                         {{ trans('general.deployed') }}
+                        ({{ ($total_deployed_sidebar) ? $total_deployed_sidebar : '' }})
                     </a>
                   </li>
                   <li{!! (Request::query('status') == 'RTD' ? ' class="active"' : '') !!}>
                     <a href="{{ url('hardware?status=RTD') }}">
                         <i class="fa fa-circle-o text-green"></i>
                         {{ trans('general.all') }}
                         {{ trans('general.ready_to_deploy') }}
+                        ({{ ($total_rtd_sidebar) ? $total_rtd_sidebar : '' }})
                     </a>
                   </li>
                   <li{!! (Request::query('status') == 'Pending' ? ' class="active"' : '') !!}><a href="{{ url('hardware?status=Pending') }}"><i class="fa fa-circle-o text-orange"></i>
                           {{ trans('general.all') }}
                           {{ trans('general.pending') }}
+                          ({{ ($total_pending_sidebar) ? $total_pending_sidebar : '' }})
                       </a>
                   </li>
                   <li{!! (Request::query('status') == 'Undeployable' ? ' class="active"' : '') !!} ><a href="{{ url('hardware?status=Undeployable') }}"><i class="fa fa-times text-red"></i>
                           {{ trans('general.all') }}
                           {{ trans('general.undeployable') }}
+                          ({{ ($total_undeployable_sidebar) ? $total_undeployable_sidebar : '' }})
                       </a>
                   </li>
                   <li{!! (Request::query('status') == 'Archived' ? ' class="active"' : '') !!}><a href="{{ url('hardware?status=Archived') }}"><i class="fa fa-times text-red"></i>
                           {{ trans('general.all') }}
                           {{ trans('admin/hardware/general.archived') }}
+                          ({{ ($total_archived_sidebar) ? $total_archived_sidebar : '' }})
                           </a>
                   </li>
                     <li{!! (Request::query('status') == 'Requestable' ? ' class="active"' : '') !!}><a href="{{ url('hardware?status=Requestable') }}"><i class="fa fa-check text-blue"></i>

resources/views/settings/saml.blade.php

@@ -55,6 +55,7 @@
 
                                 {{ Form::checkbox('saml_enabled', '1', Request::old('saml_enabled', $setting->saml_enabled), [((config('app.lock_passwords')===true)) ? 'disabled ': '', 'class' => 'minimal '. $setting->demoMode, $setting->demoMode]) }}
                                 {{ trans('admin/settings/general.saml_enabled') }}
+                                {!! $errors->first('saml_integration', '<span class="alert-msg" aria-hidden="true">:message</span>') !!}<br>
                                 @if (config('app.lock_passwords')===true)
                                 <p class="text-warning"><i class="fa fa-lock"></i> {{ trans('general.feature_disabled') }}</p>
                                 @endif
@@ -82,8 +83,12 @@
                                         {{ Form::textarea('saml_sp_x509cert', $setting->saml_sp_x509cert, ['class' => 'form-control', 'wrap' => 'off', 'readonly']) }}
                                         <br>
                                     @endif
+                                    <!-- SAML SP Metadata URL -->
+                                    {{ Form::label('saml_sp_metadata_url', trans('admin/settings/general.saml_sp_metadata_url')) }}
+                                    {{ Form::text('saml_sp_metadata_url', route('saml.metadata'), ['class' => 'form-control', 'readonly']) }}
+                                    <br>
                                     <p class="help-block">
-                                        <a href="{{ route('saml.metadata') }}" target="_blank" class="btn btn-default" style="margin-right: 5px;">View Metadata</a>
+                                        <a href="{{ route('saml.metadata') }}" target="_blank" class="btn btn-default" style="margin-right: 5px;">Download Metadata</a>
                                     </p>
                                 @endif
                                 {!! $errors->first('saml_enabled', '<span class="alert-msg" aria-hidden="true">:message</span>') !!}