b93dc06f5b
ActionController: Let the repsonse itself set its headers
...
The only header that is now set by the ActionController is X-Icinga-Title,
all others are delegated to Icinga\Web\Response.
2017-07-13 12:56:03 +02:00
0d52bb421f
ActionController: Don't re-enable the layout when just setting XHR layout
...
In case someone doesn't want the layout, we should not force it, especially
not for XHR requests.
2017-07-12 16:54:52 +02:00
f6166b3ab6
ActionController: Allow to control which inline view script to use
...
This also affects that rerendering the layout does only have any effect
in case of XHR requests and is not overwritten anymore in this case.
Since this property was previously private, this should not break anything.
2017-06-28 11:14:01 +02:00
22223acf1d
Controllers: Make all private properties protected
...
Controllers are neither library stuff nor any vital part that need to be
protected from too adventurous module developers.
2017-06-28 09:51:28 +02:00
8ee6e763a6
ActionController: Ensure to utilize the response to redirect and exit
2017-06-19 09:11:12 +02:00
df04c0f837
ActionController: Introduce constant DEFAULT_TITLE
...
Controllers are now allowed to fully customize the page title.
2017-06-09 11:13:37 +02:00
8a890a4a82
ActionController: Allow controllers to customize the login route
2017-05-19 08:39:11 +02:00
181e2ef05c
Swag: Fix swag (aka a whole bunch of code style issues..)
2017-01-27 14:48:59 +01:00
2b060d9bd4
Challenge API requests only if the controller requires auth
...
fixes #12580
2016-11-07 10:40:38 +01:00
c8b1693fdc
Fix Controller::assertPermission() allowing everything for unauthenticated requests
...
fixes #12108
2016-09-12 08:18:36 +02:00
7cef06f981
Disable benchmark only if the layout is disabled
...
Benchmark should be disabled if the response is not HTML. This is most likely the case when the layout is disabled.
If Web 2 or Zend sends JSON for example, the layout is disabled.
The follwing code inside an action disables the layout (and view):
$this->_helper->layout()->disableLayout();
The following code inside an action disables the action's view script:
$this->_helper->viewRenderer->setNoRender(true);
Note that an action's view script is also disabled via setNoRender() when rendering another view script via
render() or renderScript().
Another appraoch is to check the content-type. If explicitly set to not HTML, disable benchmark:
$renderBenchmark = true;
$response = $this->getResponse();
$headers = $response->getHeaders();
foreach ($headers as $header) {
if (strtolower($header['name']) === 'content-type'
&& stristr($header['value'], 'text/html') === false
) {
$renderBenchmark = false;
break;
}
}
if ($renderBenchmark) {
$layout->benchmark = $this->renderBenchmark();
}
Maybe we should also provide a action method for disabling benchmark, regardless of the user's setting.
refs #10856
2016-02-27 20:14:02 +01:00
474803fee4
Change all license headers to only reflect a file's year of creation
...
refs #11000
2016-02-08 15:41:00 +01:00
53f29131af
ActionController: Use a controller's inner layout script instead of "body"
...
"body" is still the default inner layout script.
2015-10-02 10:18:37 +02:00
c5f444efe8
lib: Don't alias Zend classes in the ActionController
2015-08-20 16:10:39 +02:00
6ca02a519b
lib: Fix type hint of Controller::getResponse()
2015-08-20 16:07:24 +02:00
62f0281a62
lib: Fix type hint of Controller::getRequest()
2015-08-20 16:00:24 +02:00
63e639caf0
Handle module identification directly in the ActionController
...
Fixes some issues with more complex customisations in a
module's controller.
Obsoletes: 93f8297344
2015-08-19 13:39:46 +02:00
036da072c5
Revert "ActionController: Give modules a chance to dynamically require auth"
...
This reverts commit 93f8297344
2015-08-19 13:39:46 +02:00
93f8297344
ActionController: Give modules a chance to dynamically require auth
2015-08-18 11:28:02 +02:00
fa1e3a763d
Do not show the full layout on the login page
...
...
refs #9892
2015-08-13 08:12:30 +02:00
81aad9d6a6
Rename Notifiation::getMessages() to popMessages()
...
Because the call to popMessages()--before getMessages()--automatically resets the notification messages on the instance, popMessages() is a much better name for the method.
refs #9660
2015-07-30 13:45:39 +02:00
07849e0fea
lib: Rename Authentication/Manager to Authentication/Auth
...
refs #9660
2015-07-28 17:08:55 +02:00
7cfc78558d
Merge branch 'master' into feature/secure-modules-9644
...
Conflicts:
library/Icinga/Exception/IcingaException.php
2015-07-28 13:42:02 +02:00
b000ae3a37
Do not require permissions if authentication is not required
...
refs #9644
2015-07-23 12:50:02 +02:00
13d954a956
Fix rawurlencode call
2015-07-22 13:36:25 +02:00
ab8e775188
Fix duplicate headers on forward() inside a controller
...
This avoids that the JS loader flattening arrays.
refs #9349
2015-07-22 13:34:44 +02:00
d192410435
Introduce GET parameter _disableLayout to ... disable the entire layout
...
refs #8758
2015-07-16 11:23:48 +02:00
2e375dd57c
Do not bypass the view renderer when rendering benchmarks
...
fixes #9402
2015-06-22 13:56:41 +02:00
1f5db2f8c1
ActionController: introduce showCompact
...
Works like view=compact, it will allow us to "free" the "view" parameter
2015-06-18 13:41:12 +02:00
2f62a4383a
Layout: add showFullscreen parameter
...
refs #6729
2015-06-18 13:41:12 +02:00
71a2324cb9
lib: Let Controller::assertHttpMethod() throw a HttpMethodNotAllowedException
...
refs #6281
2015-05-22 09:12:42 +02:00
675d070b86
Set the view property `compact' exactly once
...
refs #7876
2015-04-15 15:33:00 +02:00
d882ea11b4
Avoid to set an empty redirect url parameter when accessing icinga web 2
2015-04-15 11:00:47 +02:00
dfd8c91827
Add PHPDoc to ActionController::$params
2015-04-07 12:25:46 +02:00
29d5fd351b
Merge branch 'bugfix/logout-external-8626'
...
fixes #8626
2015-03-12 16:47:49 +01:00
8563d5ed3f
PHPDoc: Use @var instead of @type
...
Becasue of too many kittens PSR-5 backed off of deprecating @var.
So that's the way we go too.
2015-03-12 16:08:47 +01:00
749957c3b4
Fix too greedy __SELF__ login redirect on XHR
...
I introduced this bug some commits earlier. We only must redirect to __SELF__ on XHR
if a redirect URL was set.
refs #8626
2015-03-12 00:57:03 +01:00
2f752ed1ac
Respond with HTTP status code 403 when an XHR requires authentication
...
refs #8626
2015-03-11 22:32:04 +01:00
bc1336b6f9
Fix stupid code in ActionController::redirectToLogin()
...
refs #8626
2015-03-11 21:49:20 +01:00
4ebfbf83ab
Leave note about __SELF__ in our action controller
...
refs #8626
2015-03-11 21:40:14 +01:00
2112676594
Implement hidden accessible control for auto refresh on the page
...
refs #7945
2015-02-13 14:34:29 +01:00
b9c9f564ec
Add editable auto_refresh parameter to the user preferences
...
refs #7945
2015-02-12 15:12:10 +01:00
97261cd8bd
lib: Do not setLayout('pdf') twice
2015-02-11 15:15:18 +01:00
6bae2e0a53
Note that our license is GPL v2 or any later version in our license header instead of pointing to the license's URL
2015-02-04 10:52:27 +01:00
5b4fab0750
Add license header
...
This time without syntax errors hopefully :)
2015-02-03 16:27:59 +01:00
5fa2e3cfdc
Revert "Add license header"
...
This reverts commit 338d067aba
2015-02-03 16:16:26 +01:00
338d067aba
Add license header
...
fixes #7788
2015-02-03 15:51:04 +01:00
2faf5f0ca1
Throw SecurityException in ActionController::assertPermission()
2015-01-30 09:34:19 +01:00
6da3cb8403
lib: Reorder auth related functions in the ActionController
2015-01-23 09:36:05 +01:00
ef0a7c0e77
Revert "Security: Temporary grant all permissions"
...
This reverts commit 9b7e75a616
2015-01-22 17:11:53 +01:00
Johannes Meyer
Eric Lippmann
Alexander A. Klimov
Eric Lippmann
Johannes Meyer
Markus Frosch
Thomas Gelf
Alexander Fuhr