c7aec8ae64
Respect module stylesheets again when generating the ETag
...
fixes #11465
2016-03-29 11:39:41 +02:00
6e28b4690e
Merge branch 'feature/user-getroles-10887'
...
resolves #10887
2016-03-29 11:28:56 +02:00
e0781cf8b5
Fix PHPDoc of AdmissionLoader::applyRoles()
...
refs #10887
2016-03-29 11:26:00 +02:00
5b5978787b
Move permission and restriction initialization in AdmissionLoader
...
refs #10887
2016-03-29 11:25:55 +02:00
32c6a03000
Remove Role::addPermission()
...
Method is not used.
refs #10887
2016-03-29 11:25:53 +02:00
123488cfc0
Remove Role::addRestriction()
...
Method is not used.
refs #10887
2016-03-29 11:25:51 +02:00
08b70267cd
Move setters after getter in Role.php
...
refs #10887
2016-03-29 11:25:47 +02:00
3d6ae6ac26
Fix PHPDoc of User::setRestrictions()
...
refs #10887
2016-03-29 11:25:39 +02:00
98934e9c5f
lib/DbConnection: Use isset for charset check
2016-03-24 17:55:30 +01:00
ea871ea032
Fix Cannot execute queries while other unbuffered queries are active
...
fixes #11264
Signed-off-by: Eric Lippmann <eric.lippmann@netways.de>
2016-03-24 17:53:55 +01:00
c6eb3cd2c7
Add missing User::$roles definition
...
refs #10887
2016-03-24 16:34:32 +01:00
df0d3aaf1e
AdmissionLoader: set the roles of the user
...
refs #10887
2016-03-24 16:24:24 +01:00
57ce39834d
Role: implement setPermissions() and setRestrictions()
...
refs #10887
2016-03-24 16:11:31 +01:00
f1f4cdc3cb
lib: Use AdmissionLoader::applyRoles() in Auth
...
refs #10887
2016-03-24 15:30:30 +01:00
1aa42bdaf6
lib: Add User::getRoles() and ::setRoles()
...
refs #10887
2016-03-24 15:30:07 +01:00
6ec1878977
lib: Add Authentication/Role
...
refs #10887
2016-03-24 15:29:39 +01:00
2699d2c9ed
lib: Rename AdmissionLoader::applyPerm... to applyRoles()
...
refs #10887
2016-03-24 15:28:21 +01:00
88d973ac39
Restrict access to application log with 'application/log' permission
...
fixes #11279
2016-03-02 20:47:37 +01:00
929f45deea
Fix session resume for external auths
...
When REMOTE_USER is not available from _SERVER (PHP internal webserver)
fixes #11277
2016-03-02 17:39:05 +01:00
845a8b78cf
Bump version
2016-02-29 22:41:58 +01:00
1fba491160
DbConnection: fix utf8-encoded MySQL connections
2016-02-29 20:58:34 +01:00
9c5dfc5207
Merge branch 'bugfix/benchmark-not-always-rendered-10856'
...
fixes #10856
2016-02-27 22:49:44 +01:00
03d7f3a1f4
Ensure trailing slash if cookie path is detected automatically
...
Seems like IE (8, 9, ?) has problems w/o the trailing slash and additional directories on the server that start w/ the path.
refs #11187
2016-02-27 22:42:32 +01:00
5f43ac8f26
Fix path, secure flag and domain of session cookies
...
refs #11187
2016-02-27 22:24:01 +01:00
5f642879c7
Respect cookie domain config in Cookie.php
...
refs #11187
2016-02-27 22:19:37 +01:00
923e902957
Web::bootstrap(): set up the request before setting up the session
...
refs #11187
2016-02-27 22:17:01 +01:00
7cef06f981
Disable benchmark only if the layout is disabled
...
Benchmark should be disabled if the response is not HTML. This is most likely the case when the layout is disabled.
If Web 2 or Zend sends JSON for example, the layout is disabled.
The follwing code inside an action disables the layout (and view):
$this->_helper->layout()->disableLayout();
The following code inside an action disables the action's view script:
$this->_helper->viewRenderer->setNoRender(true);
Note that an action's view script is also disabled via setNoRender() when rendering another view script via
render() or renderScript().
Another appraoch is to check the content-type. If explicitly set to not HTML, disable benchmark:
$renderBenchmark = true;
$response = $this->getResponse();
$headers = $response->getHeaders();
foreach ($headers as $header) {
if (strtolower($header['name']) === 'content-type'
&& stristr($header['value'], 'text/html') === false
) {
$renderBenchmark = false;
break;
}
}
if ($renderBenchmark) {
$layout->benchmark = $this->renderBenchmark();
}
Maybe we should also provide a action method for disabling benchmark, regardless of the user's setting.
refs #10856
2016-02-27 20:14:02 +01:00
bf7d082576
Fix PHPDoc of Url::addFilter()
2016-02-27 16:25:04 +01:00
5b0730574d
Simplify Url::addFilter()
...
This changes the rendered resulting Url from x&(y&z) to x&y&z.
refs #10778
2016-02-27 16:23:09 +01:00
8433bf1fc1
Don't hide the filter editor from the view if the view is compact
...
refs #10778
2016-02-27 15:57:00 +01:00
d8b14cb772
Control whether a filter editor should be rendered via setVisible()
...
We (may) have situations where a controller or view has to access the filter editor being created via Controller::setupFilterControl().
This is impossible if the view is compact because the filterEditor will be unset. This change introduces FilterEditor::setVisible() for
giving the responsibility of rendering to the filter editor. Controller::setupFilterControl() will be adapted accordingly.
refs #10778
2016-02-27 15:51:13 +01:00
88f4f68f29
Merge branch 'bugfix/move-auth-backend-configuration-to-app-config-10309'
...
fixes #10309
2016-02-27 15:25:11 +01:00
e4a0678df0
Load resources from config automatically instead of throwing an exception
...
fixes #10918
2016-02-26 12:29:30 +01:00
9d5e21e71e
Remove IniUserGroupBackend.php
...
Does not conform to its interface anymore and is not in use.
2016-02-26 10:32:13 +01:00
9231746d09
functions.php: failsafe method initialization
...
This avoids collisions for modules not using the fake bootstrap in our
current tests. Can be removed once we fixed that.
2016-02-25 18:07:29 +01:00
1bbb7a3118
Manager::detectEnabledModules(): shorten error message
2016-02-25 17:34:03 +01:00
1aada1abbb
Present the fact that Icinga Web 2's config directory isn't readable in a nicer way
...
fixes #11119
2016-02-25 17:31:09 +01:00
45168caa37
TimezoneDetect: support comma-separated icingaweb2-tzo cookies
2016-02-25 14:41:42 +01:00
af18334e3e
Cookie icingaweb2-tzo: use `-' as separator
...
fixes #11126
2016-02-25 13:21:34 +01:00
b7bdf2e8d4
Implement UrlValidator
2016-02-23 16:34:18 +01:00
c7443924bd
NavigationItemRenderer: Ignore target for '#' urls
...
fixes #11197
2016-02-22 11:13:23 +01:00
9ef78e6856
Fix double escape of `&' in navigation items
...
fixes #11190
2016-02-19 15:38:34 +01:00
41a8c75a4f
FilterEditor: always escape filter embedded in HTML
2016-02-19 15:22:10 +01:00
a83ab2c7cb
Escape URLs of navigation items while rendering them
...
fixes #11091
2016-02-18 15:01:21 +01:00
2ec36667eb
Web: change bootstrap order, fixes custom auth
2016-02-18 10:16:22 +01:00
a3c7a04826
Menu: rename Configuration/Authorization to Configuration/Authentication
...
refs #10309
2016-02-17 18:56:55 +01:00
97b5800f32
LessCompiler: fix #layout usage in module CSS
2016-02-17 18:26:07 +01:00
6c39fb51f8
Menu: move Configuration/Authentication to Configuration/Application/Authentication
...
refs #10309
2016-02-17 18:23:38 +01:00
b63d2ad291
Module: fix multi-instance hook registrations
...
This fixes the problem that registering the same Hook multiple times
with the provideHook shortcut and no class name kept only one
implementation
2016-02-17 10:30:25 +01:00
b005df68a2
Fix that user dashboards are always deleted on add/update
...
fixes #11136
2016-02-17 10:17:23 +01:00
Eric Lippmann
Raphael Bicker
Alexander A. Klimov
Markus Frosch
Marius Hein
Thomas Gelf
Johannes Meyer