14179 Commits

Author SHA1 Message Date
raviks789
91ad755759 Remove redundant gravatar in contact detail
The gravatar for contacts was never correctly rendered in the detailed page. Hence it will be
completely removed.
2023-09-07 13:38:02 +02:00
Sukhwinder Dhillon
8739a9da73
Fix setup wizard (#5094) 2023-09-07 13:37:10 +02:00
Alexander A. Klimov
783fe036f1 Release GHA: create only one Docker image at the same time
Just like in all other repos making Docker images.

The following tasks finish our ARM support and depend on each other:

* [ ] Push only one Docker image at the same time (this PR)
* [ ] GHA repo: auto-create not just X.Y.Z tags, but also X.Y, X and latest
* [ ] GHA repo: build multi-platform images

Deriving X.Y from X.Y.Z is easy. Also nobody releases a vX.Y.Z and a
vX.Y.{Z+1} at the same time. But a vX.Y.Z and a vX.{Y+1}.0 is likely.
Both check Docker Hub, both get green light and both push :latest. Who wins?
2023-09-07 13:35:10 +02:00
Johannes Meyer
6e16ded825 loader.js: Don't attempt to load an extra update to a closed column 2023-09-07 13:00:45 +02:00
Johannes Meyer
a3c04f9108 loader.js: Allow to initiate a refresh with __REFRESH__ 2023-09-07 12:59:53 +02:00
Johannes Meyer
cdfe7e9aba
loader.js: Don't refresh twice upon __CLOSE__ (#5106) 2023-09-07 12:50:13 +02:00
Johannes Meyer
8f5b62f532 loader.js: Perform a proper redirect upon __CLOSE__
This allows the temporary adjustment of the autorefresh
interval.
2023-09-07 12:07:48 +02:00
Johannes Meyer
03f62887b8 loader.js: Don't refresh twice upon __CLOSE__ 2023-09-07 09:42:05 +02:00
Johannes Meyer
648cdd7ef4 Fix incorrect message for invalid states 2023-09-07 09:37:51 +02:00
Johannes Meyer
7c6c793ac3
Fix: Remove detail url when no item selected (#5055)
fixes #5053
2023-09-07 09:32:11 +02:00
Sukhwinder Dhillon
9dd21841a3 loader.js: Push current state to history only on onComplete.
- Previously, in case of `abort` the url was already pushed to history at the beginning of `onFailure`, setting `addToHistory` to true only prevents it from being added twice (again in `onComplete`).
- Now we only push the url to history in `onComplete`, so setting `addToHistory` to false is only necessary if req is scripted.
- We intentionally push the canceled url into history to continue navigating with the browser's back/forward key.
2023-09-07 09:22:24 +02:00
Sukhwinder Dhillon
d794439537 ui.js: Update browser address bar url when container closes
`stopPendingRequestsFor()` cancels the pending request but pushes the canceled url to history (by calling `loader::OnFailure` internally).
Now the `icingaUrl` is set again, remove it and push again the current state to history.
2023-09-07 09:22:24 +02:00
Sukhwinder Dhillon
f3f35f86fd ui.js: Add event column-moved
- Param1 is the event itself (event.target.id == #col where the content is moved)
- Param2 is the source col id, from which the content is moved
2023-09-07 08:57:37 +02:00
Johannes Meyer
0424c66a9c
Make host optional for oci database resources (#5063)
`oci` uses Zend's `Oracle` adapter, which does not use this setting at
all.

fixes #5062
2023-09-07 08:56:54 +02:00
Eric Lippmann
b693369412 Fix class in Platform::hasOracleSupport() 2023-09-07 08:51:22 +02:00
Eric Lippmann
1b91a93e34 Make host optional for oci database resources
`oci` uses Zend's `Oracle` adapter, which does not use this setting at
all.
2023-09-07 08:51:22 +02:00
Tobias Tiederle
e66f76e881 configure landing page using environment variable 2023-09-07 08:49:21 +02:00
Johannes Meyer
d8e313af6c JsonResponse: Fix documentation of sendResponse 2023-09-05 16:19:41 +02:00
raviks789
ac928387e6 Fix CSP link in configuration documentation 2023-09-04 12:09:39 +02:00
raviks789
38dc9a8010 PHPStan Baseline: Remove ipl\Html\BaseHtmlElement::$defaultAttributes type hint error patterns 2023-09-04 09:03:40 +02:00
Johannes Meyer
a9b0e1e2d2 css: Hide details marker of collapsibles in Safari
In Chrome the marker was already invisible since normalize.css
applies `display:block` to `summary`. Hence we should also disable
the marker by default in Safari.

fixes https://github.com/Icinga/icingaweb2-module-businessprocess/issues/406
2023-08-31 13:05:19 +02:00
Johannes Meyer
c027282d8c Test: Load a module's composer autoloader 2023-08-31 10:18:37 +02:00
Sukhwinder Dhillon
3c3437dafa Github Actions: Do not cancel further tests if one fails 2023-08-30 16:25:32 +02:00
Sukhwinder Dhillon
f283c81ed2 ActionController: Always read icingaweb config for csp
Method `$this->Config()` returns config based on current module.
2023-08-30 10:04:46 +02:00
Johannes Meyer
c3b1ad12ab loader.js: Don't update history for redirects
A redirect now also does NOT:

* Remove `.impact` from the container
* Try to set a menu item active.

fixes #4879
2023-08-29 15:02:44 +02:00
Johannes Meyer
b201b030b2
Fix CSP violations (#5060) 2023-08-28 17:15:39 +02:00
raviks789
35b2145754 Workflow: Setup ipl/web dependency for unit test 2023-08-28 17:06:20 +02:00
raviks789
75c409703d Ignore phpstan errors related to DOMDocument or DOMElement 2023-08-28 17:06:15 +02:00
raviks789
d2a40e088d FormTest: Remove mocked Icinga\Web\Session in test testWhetherACsrfCounterMeasureIsBeingAdded()
Since a fake session is already being instantiated in `BaseTestCase` there is no need to mock the class `Icinga\Web\Session`.
2023-08-28 16:56:51 +02:00
raviks789
33b6c01fe2 Create fake session to write csp nonces to it
`Csp::createnonces()` writes to a window aware session and hence a fake base session
is created in `BaseTestCase::setUp()` method
2023-08-28 16:56:51 +02:00
raviks789
282b4d564a Add style element to SVGs
The ruleset returned by `Styleable::getStyle()` is added to the SVG.
2023-08-28 16:56:51 +02:00
raviks789
97a14d7b18 Modify Styleable to avoid using static inline styles
To prevent CSP violation the following changes have been made in `Styleable::class`:
1) `Styleable::getStyle()` method is modified to return `ipl\Web\Style::class`
2) `Styleable::additionalStyle` property type is changed to array
3) `Styleable::setAdditionalStyle()` parameter type is changed to array
2023-08-28 16:56:49 +02:00
raviks789
4e8107c231 RoleForm: Replace static inline styles with css class
The static inline style for restriction text element is replaced with css class `role-restriction-text`
to avoid Content-Security-Policy violations.
2023-08-28 16:40:37 +02:00
raviks789
afd2a65df6 Add nonce attribute to <style> elements
`nonce` attribute needs to be set on the style elements to avoid CSP violations.
2023-08-28 16:40:37 +02:00
raviks789
da1bf7048d Remove inline scripts
Remove inline scripts present in `layout.phtml` and `logout.phtml` to prevent CSP violation.
2023-08-28 16:40:37 +02:00
raviks789
33a5f765b9 Use style element to create css class for dynamic inline style
The `style` element with `nonce` attribute is used to create css classes for
inline styles that are not static. This prevents Content-Security-Policy violations.
2023-08-28 16:40:33 +02:00
raviks789
459f4198c3 Replace static inline styles with css class
The static inline styles are replaced with css class to avoid Content-Security-Policy violations.
2023-08-28 16:30:12 +02:00
Johannes Meyer
511f507c60
Allow Enabling Strict Content Security Policy (CSP) (#5059) 2023-08-28 16:15:09 +02:00
Yonas Habteab
6f39194b0c Add CSP documentation 2023-08-28 16:01:52 +02:00
Yonas Habteab
3b7f054534 Initiate full page reload upon CSP config change 2023-08-28 12:42:32 +02:00
Johannes Meyer
e3ebe109eb Enable strict CSP if configured 2023-08-28 12:42:32 +02:00
Eric Lippmann
1cd1b500b3 Add helper to enable strict CSP 2023-08-28 12:42:32 +02:00
Eric Lippmann
0bac6cfe07 Config: Add setting to enable strict CSP 2023-08-24 16:02:06 +02:00
Johannes Meyer
6c68578a6c
Github Actions: Add PhpStan (#5040)
Blocked by: #5061 
closes #5052, https://github.com/Icinga/icingaweb2/pull/4920,
https://github.com/Icinga/icingaweb2/pull/5003
2023-08-23 11:53:21 +02:00
Sukhwinder Dhillon
2818757bc6 phpstan: Ignore LdapCapabilities/LdapConnection errors
- ldap_connect() returns `LDAP\Connection` in php >= 81
2023-08-23 11:37:00 +02:00
Sukhwinder Dhillon
fe24d7809f Phpstan: Set level to max and add baseline file
- Remove already default flags in `max` level
- Don't ignore Zend_* errors explicitly (added to baseline)
2023-08-23 11:37:00 +02:00
Sukhwinder Dhillon
3f3f0a1f67 GlobFilter::__construct(): Add possible param type hint 2023-08-23 11:37:00 +02:00
Sukhwinder Dhillon
0cf97d5825 Workflow: clone the remote head, regardless of the branch name 2023-08-23 11:36:30 +02:00
raviks789
9887a2d622 ConfigTest: Define property $oldConfigDir
Use of dynamic property is deprecated since PHP 8.2
2023-08-23 10:53:15 +02:00
Yonas Habteab
a82e3b2320 Stylable: Fix strokeWidth type hint declaration 2023-08-23 10:53:15 +02:00