tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,129 Commits 120 Branches 71 Tags 80 MiB
Commit Graph

14129 Commits

Author SHA1 Message Date
raviks789 91ad755759 Remove redundant gravatar in contact detail 
The gravatar for contacts was never correctly rendered in the detailed page. Hence it will be
completely removed.
 2023-09-07 13:38:02 +02:00
Sukhwinder Dhillon 8739a9da73
Fix setup wizard (#5094) 2023-09-07 13:37:10 +02:00
Alexander A. Klimov 783fe036f1 Release GHA: create only one Docker image at the same time 
Just like in all other repos making Docker images.

The following tasks finish our ARM support and depend on each other:

* [ ] Push only one Docker image at the same time (this PR)
* [ ] GHA repo: auto-create not just X.Y.Z tags, but also X.Y, X and latest
* [ ] GHA repo: build multi-platform images

Deriving X.Y from X.Y.Z is easy. Also nobody releases a vX.Y.Z and a
vX.Y.{Z+1} at the same time. But a vX.Y.Z and a vX.{Y+1}.0 is likely.
Both check Docker Hub, both get green light and both push :latest. Who wins?
 2023-09-07 13:35:10 +02:00
Johannes Meyer 6e16ded825 loader.js: Don't attempt to load an extra update to a closed column 2023-09-07 13:00:45 +02:00
Johannes Meyer a3c04f9108 loader.js: Allow to initiate a refresh with `__REFRESH__` 2023-09-07 12:59:53 +02:00
Johannes Meyer cdfe7e9aba
loader.js: Don't refresh twice upon `__CLOSE__` (#5106) 2023-09-07 12:50:13 +02:00
Johannes Meyer 8f5b62f532 loader.js: Perform a proper redirect upon `__CLOSE__` 
This allows the temporary adjustment of the autorefresh
interval.
 2023-09-07 12:07:48 +02:00
Johannes Meyer 03f62887b8 loader.js: Don't refresh twice upon `__CLOSE__` 2023-09-07 09:42:05 +02:00
Johannes Meyer 648cdd7ef4 Fix incorrect message for invalid states 2023-09-07 09:37:51 +02:00
Johannes Meyer 7c6c793ac3
Fix:Remove detail url when no item selected (#5055) 
fixes #5053
 2023-09-07 09:32:11 +02:00
Sukhwinder Dhillon 9dd21841a3 loader.js: Push current state to history only on `onComplete`. 
- Previously, in case of `abort` the url was already pushed to history at the beginning of `onFailure`, setting `addToHistory` to true only prevents it from being added twice (again in `onComplete`).
- Now we only push the url to history in `onComplete`, so setting `addToHistory` to false is only necessary if req is scripted.
- We intentionally push the canceled url into history to continue navigating with the browser`s back/forward key.
 2023-09-07 09:22:24 +02:00
Sukhwinder Dhillon d794439537 ui.js: Update browser address bar url when container closes 
`stopPendingRequestsFor()` cancel the pending request but push the canceled url to history (by calling `loader::OnFailure` internally).
Now the `icingaUrl` is set again, remove it and push again the current state to history.
 2023-09-07 09:22:24 +02:00
Sukhwinder Dhillon f3f35f86fd ui.js: Add event `column-moved` 
- Param1 is the event itself (event.target.id == #col where the content is moved)
- Param2 is the soucre col id, form which the content is moved
 2023-09-07 08:57:37 +02:00
Johannes Meyer 0424c66a9c
Make `host` optional for `oci` database resources (#5063) 
`oci` uses Zend's `Oracle` adapter, which does not use this setting at
all.

fixes #5062
 2023-09-07 08:56:54 +02:00
Eric Lippmann b693369412 Fix class in `Platform::hasOracleSupport()` 2023-09-07 08:51:22 +02:00
Eric Lippmann 1b91a93e34 Make `host` optional for `oci` database resources 
`oci` uses Zend's `Oracle` adapter, which does not use this setting at
all.
 2023-09-07 08:51:22 +02:00
Tobias Tiederle e66f76e881 configure landing page using environment variable 2023-09-07 08:49:21 +02:00
Johannes Meyer d8e313af6c JsonResponse: Fix documentation of `sendResponse` 2023-09-05 16:19:41 +02:00
raviks789 ac928387e6 Fix CSP link in configuration documentation 2023-09-04 12:09:39 +02:00
raviks789 38dc9a8010 PHPStan Baseline: Remove `ipl\Html\BaseHtmlElement::$defaultAttributes` type hint error patterns 2023-09-04 09:03:40 +02:00
Johannes Meyer a9b0e1e2d2 css: Hide details marker of collapsibles in Safari 
In Chrome the marker was already invisible since normalize.css
applies `display:block` to `summary`. Hence we should also disable
the marker by default in Safari.

fixes https://github.com/Icinga/icingaweb2-module-businessprocess/issues/406
 2023-08-31 13:05:19 +02:00
Johannes Meyer c027282d8c Test: Load a module's composer autoloader 2023-08-31 10:18:37 +02:00
Sukhwinder Dhillon 3c3437dafa Github Actions: Do not cancel further tests if one fails 2023-08-30 16:25:32 +02:00
Sukhwinder Dhillon f283c81ed2 ActionController: Always read icingaweb config for csp 
Method `$this->Config()` returns config based of current module.
 2023-08-30 10:04:46 +02:00
Johannes Meyer c3b1ad12ab loader.js: Don't update history for redirects 
A redirect now also does NOT:

* Remove `.impact` from the container
* Try to set a menu item active..

fixes #4879
 2023-08-29 15:02:44 +02:00
Johannes Meyer b201b030b2
Fix CSP violations (#5060) 2023-08-28 17:15:39 +02:00
raviks789 35b2145754 Workflow: Setup `ipl/web` dependency for unit test 2023-08-28 17:06:20 +02:00
raviks789 75c409703d Ignore phpstan errors related to `DOMDocument` or `DOMElement` 2023-08-28 17:06:15 +02:00
raviks789 d2a40e088d `FormTest`: Remove mocke `Icinga\Web\Session` in test `testWhetherACsrfCounterMeasureIsBeingAdded()` 
Since a fake session is already being instantiated in `BaseTestCase` there is no need to mock the class `Icinga\Web\Session`.
 2023-08-28 16:56:51 +02:00
raviks789 33b6c01fe2 Create fake session to write csp nonces to it 
`Csp::createnonces()` writes to a window aware session and hence a fake base session
is created in `BaseTestCase::setUp()` method
 2023-08-28 16:56:51 +02:00
raviks789 282b4d564a Add `style` element to SVGs 
The ruleset returned by `Styleable::getStyle()` is added to the SVG.
 2023-08-28 16:56:51 +02:00
raviks789 97a14d7b18 Modify `Styleable` to avoid using static inline styles 
To prevent CSP violation the following changes has been made in `Styleable::class`:
1) `Styleable::getStyle()` method is modified to return `ipl\Web\Style::class`
2) `Styleable::additionalStyle` property type is changed to array
3) `Styleable::setAdditionalStyle()` parameter type is changed to array
 2023-08-28 16:56:49 +02:00
raviks789 4e8107c231 RoleForm: Replace static inline styles with css class 
The static inline style for resetriction text element is replaced with css class `role-restriction-text`
to avoid Content-Security-Policy violations.
 2023-08-28 16:40:37 +02:00
raviks789 afd2a65df6 Add `nonce` attribute to `<style>` elements 
`nonce` attribute needs to be set on the style elements to avoid CSP violations.
 2023-08-28 16:40:37 +02:00
raviks789 da1bf7048d Remove inline scripts 
Remove inline scripts present in `layout.phtml` and `logout.phtml` to prevent CSP violation.
 2023-08-28 16:40:37 +02:00
raviks789 33a5f765b9 Use `style` element to create css class for dynamic inline style 
The `style` element with `nonce` attribute is used to create css classes for
inline styles that are not static. This prevents Content-Security-Policy violations.
 2023-08-28 16:40:33 +02:00
raviks789 459f4198c3 Replace static inline styles with css class 
The static inline styles are replaced with css class to avoid Content-Security-Policy violations.
 2023-08-28 16:30:12 +02:00
Johannes Meyer 511f507c60
Allow Enabling Strict Content Security Policy (CSP) (#5059) 2023-08-28 16:15:09 +02:00
Yonas Habteab 6f39194b0c Add `CSP` documentation 2023-08-28 16:01:52 +02:00
Yonas Habteab 3b7f054534 Initiate full page reload upon `CSP` config change 2023-08-28 12:42:32 +02:00
Johannes Meyer e3ebe109eb Enable strict CSP if configured 2023-08-28 12:42:32 +02:00
Eric Lippmann 1cd1b500b3 Add helper to enable strict CSP 2023-08-28 12:42:32 +02:00
Eric Lippmann 0bac6cfe07 Config: Add setting to enable strict CSP 2023-08-24 16:02:06 +02:00
Johannes Meyer 6c68578a6c
Github Actions: Add PhpStan (#5040) 
Blocked by: #5061 
closes #5052, https://github.com/Icinga/icingaweb2/pull/4920,
https://github.com/Icinga/icingaweb2/pull/5003
 2023-08-23 11:53:21 +02:00
Sukhwinder Dhillon 2818757bc6 phpstan: Ignore `LdapCapabilities/LdapConnection` errors 
- ldap_connect() returns `LDAP\Connection` in php >= 81
 2023-08-23 11:37:00 +02:00
Sukhwinder Dhillon fe24d7809f Phpstan: Set level to max and add baseline file 
- Remove already default flags in `max` level
- Don't ingnore Zend_* errors explicitly (added to baseline)
 2023-08-23 11:37:00 +02:00
Sukhwinder Dhillon 3f3f0a1f67 GlobFilter::__construct(): Add possible param type hint 2023-08-23 11:37:00 +02:00
Sukhwinder Dhillon 0cf97d5825 Workflow: clone the remote `head`, regardless of the branch name 2023-08-23 11:36:30 +02:00
raviks789 9887a2d622 `ConfigTest`: Define property `$oldConfigDir` 
Use of dynamic property is deprecated since PHP 8.2
 2023-08-23 10:53:15 +02:00
Yonas Habteab a82e3b2320 Stylable: Fix `strokeWidth` type hint declaration 2023-08-23 10:53:15 +02:00