3825 Commits

Author SHA1 Message Date
Johannes Meyer
77244b2c1b Raise version to v2.8.2 2020-08-19 11:03:31 +02:00
Johannes Meyer
c3d329bd48 Raise version to 2.8.1 2020-06-29 10:30:58 +02:00
Johannes Meyer
b288d86e91 DbQuery: Return non-string args as is in valueToTimestamp()
fixes #4182
2020-06-24 14:09:13 +02:00
Johannes Meyer
4d173e6746 DbUserBackend: Lowercase usernames before fetching password hashes
The BINARY cast to make trailing spaces significant (#4030) also
made these queries case-sensitive. This wasn't identified at the
time because the query itself wasn't case-insensitive, but the
default collation on the `name` column. (Tests sometimes are the
perfect mitigation for this...)

fixes #4184
2020-06-24 14:08:30 +02:00
Johannes Meyer
e95fac3ff1 Raise version to 2.8.0 2020-06-08 10:51:35 +02:00
Johannes Meyer
62dd0b3f1e ActionController: Fix that view variable compact is undefined
refs #4164
2020-06-08 09:26:36 +02:00
Johannes Meyer
a240e306ed Preserve/Remove param showCompact instead of view 2020-06-04 08:50:41 +02:00
Johannes Meyer
6cf9f19048 ActionController: Shift parameter view if its value is compact 2020-06-04 08:50:41 +02:00
Johannes Meyer
60c3fd6406 FilterEditor: Use a new url from request when redirecting searches
Creating a new url has the benefit that all framework params are
still there. `$this->url()` however returns a url that's already
mangled and parameter preservation does not work for framework
params.

This is not quite the correct fix. But the entire parameter
handling here is way too convoluted.
2020-06-04 08:50:41 +02:00
Johannes Meyer
46c6201a21 Url: Add method onlyWith() 2020-06-04 08:50:41 +02:00
Eric Lippmann
49eb245580 CLI: Also register assets
Because assets are not registered in the CLI context,
CLI actions cannot access the full style sheet.
This is necessary for Icinga Reporting though in order to send PDF reports.
2020-06-04 07:31:02 +02:00
Eric Lippmann
fce2858beb LDAP: Add option to disable server side sorting
We automatically detect whether the server supports server side sorting
and sort manually if that is not the case. But there are LDAP servers
which report that they support this feature in general but have it
disabled for certain fields.

If we send the server side control for any field that has server side
sort disabled, the LDAP server will abort the query.

With the new configuration option it is possible to disable server side
sorting and it has precedence over our automatic detection.
Since this is a very special LDAP server configuration, there is no GUI
option for this.
2020-05-25 11:08:13 +02:00
Johannes Meyer
c2f380cf9b Dashlet: Use showCompact instead of view=compact
Allows dashlets to use their own value for parameter `view`
2020-05-19 16:46:58 +02:00
Johannes Meyer
c40d134ea5 ApplicationBootstrap: Use L10n locales in getLocaleDir() if available 2020-05-11 17:05:23 +02:00
Johannes Meyer
8b8094e9cc dashboards: Increase size of dashlets in no-js envs 2020-04-15 09:42:36 +02:00
Johannes Meyer
5ed41868d9 css: Fix no-script apply styles in non-inline forms 2020-04-15 09:42:36 +02:00
Alexander A. Klimov
568619b92e Form: allow checkboxes to be required 2020-04-09 14:03:21 +02:00
Feu Mourek
c2568548cf Add appropriate aria labels to donut graphs 2020-04-09 08:36:29 +02:00
Johannes Meyer
d72bdc2c32 Raise version to 2.8.0-rc1 2020-03-13 10:40:35 +01:00
Eric Lippmann
e11feb81f5 Don't fail with an exception if module.info is flawed 2020-03-12 14:26:15 +01:00
Eric Lippmann
3361cac59a CLI: Setup fake auth
Since version 2.7.x CLI actions load all enabled modules automatically.
This includes launching configuration.php and run.php. Though code
in those files should be restricted to a supported set of functions,
module devs may write any code here. If a module requires authentication
in those files, CLI actions fail because there is no auth possible.
With this patch, we setup a fake user named "cli" w/o any permission when
running CLI actions.
2020-03-02 14:16:28 +01:00
Eric Lippmann
990a5e4d61 Introduce Auth::setUser() 2020-03-02 14:15:53 +01:00
Johannes Meyer
3a66b0a950 FilterExpression: Pass used delimiter to preg_quote
fixes #4090
2020-03-02 08:39:46 +01:00
Johannes Meyer
eb674509b4 BaseTestCase: Read db host and port from env vars if available 2020-01-21 14:13:15 +01:00
Johannes Meyer
05135e716e
Merge pull request #4049 from Icinga/fix/pdfexport-hooks-may-cause-bad-loading-times
Fix pdfexport hooks may cause bad loading times
2020-01-16 09:02:31 +01:00
Johannes Meyer
69d15824fb
Merge pull request #4048 from Icinga/fix/server-side-window-handling
Fix server side window handling
2020-01-16 08:57:11 +01:00
Eric Lippmann
73a4d8ac31 WebBaseHook: Make setView() fluent 2020-01-14 16:06:22 +01:00
Eric Lippmann
dd500578c9 Url: Fix @return hints
Before, sublcasses of Url suffered from @return Url hints. This is
@return static now.
2020-01-14 14:26:14 +01:00
Johannes Meyer
8da37e5ca2
Merge pull request #4044 from Icinga/fix/pdf-export-error-handling
Fix pdf export error handling
2020-01-14 11:13:01 +01:00
Johannes Meyer
6a8f17faf2 OutputFormat: Just provide the pdf export if there's a hook available
Calling `isSupported()` is bad here since there may be IO involved.
2020-01-14 11:01:53 +01:00
Johannes Meyer
29aaa363b4 Pdf: Utilize an pdfexport hook without calling isSupported()
If it's not supported, users should disable the module. If there
are multiple hooks supported at some point we need to touch this
again anyways. So that should suffice for now.
2020-01-14 10:59:01 +01:00
Johannes Meyer
9fe43dda5f ActionController: Drop method handlerBrowserWindows() 2020-01-14 10:14:02 +01:00
Johannes Meyer
855bb8ae72 Properly handle window id's and container id's 2020-01-14 10:14:02 +01:00
Johannes Meyer
2d3fc218db Window: Differentiate between window and container id 2020-01-14 10:14:02 +01:00
Johannes Meyer
d459e58aca Response: Add methods to override the client's window id 2020-01-14 10:14:02 +01:00
Johannes Meyer
098bcfb98f LdapConnection: Ignore unknown vendor upon inspection 2020-01-13 13:46:32 +01:00
Johannes Meyer
7bb9c8e25f LdapConnnection: Don't pass param $serverCtrls to ldap_search prior php 7.3
refs #4013
2020-01-13 13:17:40 +01:00
Johannes Meyer
5a58279995 ActionController: Don't render exceptions as PDF 2020-01-10 14:11:52 +01:00
Johannes Meyer
5943e6bde9 Pdf: Restore previous state after rendering content
In case an exception occurs its output was previously merged
with the rendered content or even PDF..
2020-01-10 14:11:40 +01:00
Johannes Meyer
f63dfa5294 DbUserBackend: Use binary string comparison if it's a mysql db 2019-12-11 10:15:05 +01:00
Johannes Meyer
e6d9819adb FilterQueryString: Parse numbers as floats in range conditions 2019-12-09 09:39:50 +01:00
Johannes Meyer
dc8981f209 ConfigFormEventsHook: Use base class Icinga\Web\Form in type hints 2019-12-09 09:01:33 +01:00
Johannes Meyer
4157821c89 IcingaCheckbox: Don't display:none the checkbox but add .sr-only to it 2019-12-05 16:12:41 +01:00
Johannes Meyer
668ae38497 ExternalBackend: Don't authenticate a user if REMOTE_USER is empty 2019-12-05 15:13:02 +01:00
Johannes Meyer
d0857345d0 DbConnection: Set COLLATE 'latin1_general_ci' for latin1 charsets
MySQL 8+ seems a bit more strict now.
2019-12-05 14:18:17 +01:00
Johannes Meyer
8519bb5d11 User: Don't return true if any permission is granted and * is required 2019-12-05 08:44:33 +01:00
Johannes Meyer
7b488d7f93 swag: Fix violations of PSR-12
PSR-2 has been deprecated and phpcs v3.5.3
now checks for the successor PSR-12
2019-12-04 11:28:08 +01:00
Johannes Meyer
0442c4f0ab View: Ignore setting short_open_tag
Adjusting class `Zend_View_Stream` according to https://www.php.net/manual/en/migration74.incompatible.php#migration74.incompatible.core.stream-wrappers
didn't work. (*syntax error, unexpected end of file* after every last php statement in phtml files)

So.. since `<?= ?>` instructions are permanently available since PHP 5.4 (https://www.php.net/manual/en/language.basic-syntax.phptags.php)
we'll just omit using a custom stream wrapper now.
2019-12-04 09:35:24 +01:00
Johannes Meyer
7bc1893a24 LdapConnection: Don't utilize ldap_control_paged_result() on PHP 7.3+
https://www.php.net/manual/en/migration74.deprecated.php#migration74.deprecated.ldap
2019-12-04 09:33:13 +01:00
Johannes Meyer
9b1dc44130 FilterEditor: Also trim trailing whitespace from search values
Simple values are wrapped with `*` anyway, so trimming all
whitespace doesn't pose an issue. (Even if inserted intentionally)
This doesn't apply to qualified search values. (e.g. `host = abc `)

resolves #4002
2019-12-03 10:33:00 +01:00