7ed3acbbd8
Module: Check a menu item's permission and don't overwrite its label
...
This allows now totally different values for an item's name and label
and fixes the bug that permissions declared in the configuration.php
were not evaluated for menu items.
fixes #11431
2016-09-26 11:01:26 +02:00
5b875f3749
JsonResponse: Allow to output the "data" key in case of an error
...
As stated by the JSend specification this key is optional for error responses.
2016-09-21 15:58:59 +02:00
3fdba713ed
Merge branch 'bugfix/handle-recoverable-error-10361'
...
fixes #10361
2016-09-12 08:29:40 +02:00
c8b1693fdc
Fix Controller::assertPermission() allowing everything for unauthenticated requests
...
fixes #12108
2016-09-12 08:18:36 +02:00
4398267db5
Merge branch 'bugfix/wrong-url-makes-whole-dashboard-unusable-11920'
...
fixes #11920
2016-09-09 15:22:48 +02:00
ef7be98e0c
Simplify InternalUrlValidator::isValid()
...
refs #11920
2016-09-09 15:22:24 +02:00
1f980f92f2
Optimize imports in InternalUrlValidator
...
refs #11920
2016-09-09 15:21:06 +02:00
576640e661
Simplify Version::getGitHead()
...
refs #11664
2016-09-09 14:19:32 +02:00
b240e0e6bb
Implement Version::getGitHead()
...
refs #11664
2016-09-01 10:14:14 +02:00
fa113e023b
dashboard/new-dashlet: don't allow external URLs
...
refs #11920
2016-08-31 15:11:55 +02:00
124fb848a0
Repository: Fix column caches²
2016-08-18 15:40:20 +02:00
bd4f21df11
Repository: Fix column caches
2016-08-18 15:30:47 +02:00
ccb8bcc6e3
Repository: Allow for some more fine-grained control
...
Filter columns, search columns and sort rules can now be returned
dependent on a query's current target
2016-08-18 13:36:09 +02:00
ecbb0926dc
Merge branch 'feature/change-password-10616'
...
resolves #10616
2016-08-04 16:09:41 +02:00
2b50f6ff10
FilterExpression: render boolean true as such
...
fixes #12299
2016-08-03 13:03:08 +00:00
e62d94209f
Allow users to change their password if backend is db
...
refs #10616
2016-07-21 17:38:19 +02:00
e6ec6e05b2
Rename Preferences to My Account
...
refs #10616
2016-07-21 12:31:10 +02:00
42991b0756
Ensure correct URL for the refresh container button
...
Shifted params no longer appear in the URL which is retrieved from the request object.
We now use Url::fromRequest() instead.
2016-07-13 10:24:30 +02:00
4774db16ef
View: Add methods setHelperFunction and dropHelperFunction
2016-07-11 09:08:43 +02:00
e9681de388
RepositoryQuery: Avoid cloning sub-objects when they are null
...
fixes #12078
2016-06-30 13:16:05 +02:00
dfa77b2b2f
IniRepository: Avoid using iterator_to_array with ArrayDatasource
...
While iterating ConfigObject/ArrayDatasource will not rewrite the section header into a row value as keycolumn.
In addition we now properly use the filter.
refs #12065
2016-06-28 16:21:06 +02:00
fc5ed3feb1
Bump version to 2.3.4
2016-06-23 14:09:55 +02:00
d4b9b6d303
Bump version to 2.3.3
2016-06-07 15:15:01 +02:00
54b43efb33
Fix exception if module.info contains newlines that are not part of the module's description
...
fixes #11831
2016-06-06 16:21:10 +02:00
97451dae86
Merge branch 'bugfix/remove-large-add-to-menu-tab-11850'
...
fixes #11850
2016-06-02 17:57:51 +02:00
fee45a2438
Database: Never ignore asterisk filters
...
fixes #11885
2016-06-02 17:27:32 +02:00
188703cf95
fix various typos
...
Signed-off-by: Johannes Meyer <johannes.meyer@netways.de>
2016-06-02 08:24:05 +02:00
50037d8ec9
Tabs: fix wrong parameter for array_splice()
...
refs #11850
2016-05-31 14:47:25 +02:00
21e4ba5680
Icinga Web 2.3.2
2016-04-28 14:56:31 +02:00
2179c3aaef
FilterEditor: check for a hidden form field instead of the submit button
2016-04-27 15:05:25 +02:00
6def061742
FilterEditor: correct submit button name
2016-04-27 12:49:40 +02:00
281e6e8163
Revert "Revert "FilterEditor::handleRequest(): don't apply a filter's changes if the 'Apply' button hasn't been pressed""
...
This reverts commit 45a6259b4c
2016-04-27 12:46:48 +02:00
45a6259b4c
Revert "FilterEditor::handleRequest(): don't apply a filter's changes if the 'Apply' button hasn't been pressed"
...
This reverts commit 61a04e7ba1
2016-04-27 12:10:46 +02:00
6607af61e1
Set dashboard active if it is not disabled
2016-04-26 13:50:02 +02:00
eecd15ee68
NavigationItem: fall back to the default renderer if an error occurrs
...
fixes #10486
2016-04-25 15:26:08 +02:00
28c024c037
Repository: Properly handle non-aliased columns
2016-04-21 10:10:24 +02:00
242cdab754
DateTimePicker: implement getFormat()
...
refs #10847
2016-04-18 17:19:57 +02:00
61a04e7ba1
FilterEditor::handleRequest(): don't apply a filter's changes if the 'Apply' button hasn't been pressed
...
fixes #10848
2016-04-18 15:15:41 +02:00
fdbcc6af8e
Bump version to 2.3.1
2016-04-18 01:10:20 +02:00
773c3cc88e
Bump version to 2.3.0
2016-04-13 16:23:38 +02:00
b0a6eb5b1e
Ignore case and whitespaces in the glob filter
...
refs #10965
2016-04-13 15:54:41 +02:00
4d488ab354
Merge branch 'master' into feature/restrict-custom-variables-10965
2016-04-13 15:44:12 +02:00
589da9bcd1
monitoring: Apply custom variable restrictions
...
refs #10965
2016-04-13 15:43:42 +02:00
42b7867562
Merge branch 'feature/support-multiple-ticket-patterns-10909'
...
refs #10909
2016-04-13 15:35:22 +02:00
99adeaa065
Merge branch 'bugfix/external-auth-no-env-11391'
...
fixes #11391
2016-04-13 13:57:56 +02:00
be7263ebfa
Fix that only one default dashboard could be removed
...
fixes #11078
2016-04-13 12:27:25 +02:00
7dbcd27c3c
Remove superfluous whitespace
2016-04-13 11:04:54 +02:00
9082a5204e
Fix tab order of refresh and close container controls
2016-04-13 11:04:23 +02:00
fb07b9aa83
vendor: Upgrade Parsedown to version 1.6.0
...
fixes #11558
2016-04-12 10:51:54 +02:00
99d08bf03b
Get remote user from $_SERVER if env does not have it in external auth
...
refs #11391
2016-04-11 14:09:04 +02:00
2ac54d7c3e
lib: Add ExternalBackend::getRemoteUser()
...
If the user is authenticated via the web server, this method should be used to retrieve the user because
it supports both reading the user from the environment or from the $_SERVER variable as fallback.
refs #11391
2016-04-11 14:01:36 +02:00
c803ec64c5
lib: Move getters before setters in ExternalBackend
2016-04-11 10:57:01 +02:00
1d1a4b4be3
Optimize imports in LdapConnection
2016-04-08 12:58:30 +02:00
1f69189b14
Merge branch 'feature/ldap-scope-11485'
...
resolves #11485
2016-04-08 12:57:41 +02:00
955a9482ad
lib/LDAP: Add fetchByDn for a base scope retrieval on an entry
...
refs #11485
2016-04-07 17:16:51 +02:00
202d61dd4e
lib/LDAP: Add support for LDAP search scope
...
Configurable on the LdapQuery, handled by LdapConnection::ldapSearch
refs #11485
2016-04-07 17:16:38 +02:00
adeaf60aed
lib/LDAP: Do not explicitly set the fields list when ordering
...
refs #11489
2016-04-07 17:13:07 +02:00
0a9c0925cb
CSS: Add space before the autosubmit info in forms
2016-04-07 12:46:13 +02:00
5b17a145f1
Support multiple TTS integrations in the ticket hook
...
refs #10909
2016-04-06 11:58:01 +02:00
97bedfaa08
lib: Provide ticket pattern class for ticket hooks
...
refs #10909
2016-04-06 11:18:28 +02:00
0f538e7f06
lib/LDAP: LdapUtils::explodeDN replace deprecated use of eval in preg_replace
...
fixes #11490
2016-04-04 09:25:59 +02:00
0edd1b5a08
doc: natcasesort files
2016-04-01 15:01:12 +02:00
a5119a7a2e
Fix TreeNodeIterator::isEmpty()
2016-03-30 15:31:53 +02:00
528be1ee79
doc: Iterate files alphabetically and directories last
2016-03-30 15:31:53 +02:00
c7aec8ae64
Respect module stylesheets again when generating the ETag
...
fixes #11465
2016-03-29 11:39:41 +02:00
6e28b4690e
Merge branch 'feature/user-getroles-10887'
...
resolves #10887
2016-03-29 11:28:56 +02:00
e0781cf8b5
Fix PHPDoc of AdmissionLoader::applyRoles()
...
refs #10887
2016-03-29 11:26:00 +02:00
5b5978787b
Move permission and restriction initialization in AdmissionLoader
...
refs #10887
2016-03-29 11:25:55 +02:00
32c6a03000
Remove Role::addPermission()
...
Method is not used.
refs #10887
2016-03-29 11:25:53 +02:00
123488cfc0
Remove Role::addRestriction()
...
Method is not used.
refs #10887
2016-03-29 11:25:51 +02:00
08b70267cd
Move setters after getter in Role.php
...
refs #10887
2016-03-29 11:25:47 +02:00
3d6ae6ac26
Fix PHPDoc of User::setRestrictions()
...
refs #10887
2016-03-29 11:25:39 +02:00
98934e9c5f
lib/DbConnection: Use isset for charset check
2016-03-24 17:55:30 +01:00
ea871ea032
Fix Cannot execute queries while other unbuffered queries are active
...
fixes #11264
Signed-off-by: Eric Lippmann <eric.lippmann@netways.de>
2016-03-24 17:53:55 +01:00
c6eb3cd2c7
Add missing User::$roles definition
...
refs #10887
2016-03-24 16:34:32 +01:00
df0d3aaf1e
AdmissionLoader: set the roles of the user
...
refs #10887
2016-03-24 16:24:24 +01:00
57ce39834d
Role: implement setPermissions() and setRestrictions()
...
refs #10887
2016-03-24 16:11:31 +01:00
f1f4cdc3cb
lib: Use AdmissionLoader::applyRoles() in Auth
...
refs #10887
2016-03-24 15:30:30 +01:00
1aa42bdaf6
lib: Add User::getRoles() and ::setRoles()
...
refs #10887
2016-03-24 15:30:07 +01:00
6ec1878977
lib: Add Authentication/Role
...
refs #10887
2016-03-24 15:29:39 +01:00
2699d2c9ed
lib: Rename AdmissionLoader::applyPerm... to applyRoles()
...
refs #10887
2016-03-24 15:28:21 +01:00
88d973ac39
Restrict access to application log with 'application/log' permission
...
fixes #11279
2016-03-02 20:47:37 +01:00
929f45deea
Fix session resume for external auths
...
When REMOTE_USER is not available from _SERVER (PHP internal webserver)
fixes #11277
2016-03-02 17:39:05 +01:00
845a8b78cf
Bump version
2016-02-29 22:41:58 +01:00
1fba491160
DbConnection: fix utf8-encoded MySQL connections
2016-02-29 20:58:34 +01:00
9c5dfc5207
Merge branch 'bugfix/benchmark-not-always-rendered-10856'
...
fixes #10856
2016-02-27 22:49:44 +01:00
03d7f3a1f4
Ensure trailing slash if cookie path is detected automatically
...
Seems like IE (8, 9, ?) has problems w/o the trailing slash and additional directories on the server that start w/ the path.
refs #11187
2016-02-27 22:42:32 +01:00
5f43ac8f26
Fix path, secure flag and domain of session cookies
...
refs #11187
2016-02-27 22:24:01 +01:00
5f642879c7
Respect cookie domain config in Cookie.php
...
refs #11187
2016-02-27 22:19:37 +01:00
923e902957
Web::bootstrap(): set up the request before setting up the session
...
refs #11187
2016-02-27 22:17:01 +01:00
7cef06f981
Disable benchmark only if the layout is disabled
...
Benchmark should be disabled if the response is not HTML. This is most likely the case when the layout is disabled.
If Web 2 or Zend sends JSON for example, the layout is disabled.
The follwing code inside an action disables the layout (and view):
$this->_helper->layout()->disableLayout();
The following code inside an action disables the action's view script:
$this->_helper->viewRenderer->setNoRender(true);
Note that an action's view script is also disabled via setNoRender() when rendering another view script via
render() or renderScript().
Another appraoch is to check the content-type. If explicitly set to not HTML, disable benchmark:
$renderBenchmark = true;
$response = $this->getResponse();
$headers = $response->getHeaders();
foreach ($headers as $header) {
if (strtolower($header['name']) === 'content-type'
&& stristr($header['value'], 'text/html') === false
) {
$renderBenchmark = false;
break;
}
}
if ($renderBenchmark) {
$layout->benchmark = $this->renderBenchmark();
}
Maybe we should also provide a action method for disabling benchmark, regardless of the user's setting.
refs #10856
2016-02-27 20:14:02 +01:00
bf7d082576
Fix PHPDoc of Url::addFilter()
2016-02-27 16:25:04 +01:00
5b0730574d
Simplify Url::addFilter()
...
This changes the rendered resulting Url from x&(y&z) to x&y&z.
refs #10778
2016-02-27 16:23:09 +01:00
8433bf1fc1
Don't hide the filter editor from the view if the view is compact
...
refs #10778
2016-02-27 15:57:00 +01:00
d8b14cb772
Control whether a filter editor should be rendered via setVisible()
...
We (may) have situations where a controller or view has to access the filter editor being created via Controller::setupFilterControl().
This is impossible if the view is compact because the filterEditor will be unset. This change introduces FilterEditor::setVisible() for
giving the responsibility of rendering to the filter editor. Controller::setupFilterControl() will be adapted accordingly.
refs #10778
2016-02-27 15:51:13 +01:00
88f4f68f29
Merge branch 'bugfix/move-auth-backend-configuration-to-app-config-10309'
...
fixes #10309
2016-02-27 15:25:11 +01:00
e4a0678df0
Load resources from config automatically instead of throwing an exception
...
fixes #10918
2016-02-26 12:29:30 +01:00
9d5e21e71e
Remove IniUserGroupBackend.php
...
Does not conform to its interface anymore and is not in use.
2016-02-26 10:32:13 +01:00
9231746d09
functions.php: failsafe method initialization
...
This avoids collisions for modules not using the fake bootstrap in our
current tests. Can be removed once we fixed that.
2016-02-25 18:07:29 +01:00
1bbb7a3118
Manager::detectEnabledModules(): shorten error message
2016-02-25 17:34:03 +01:00
1aada1abbb
Present the fact that Icinga Web 2's config directory isn't readable in a nicer way
...
fixes #11119
2016-02-25 17:31:09 +01:00
45168caa37
TimezoneDetect: support comma-separated icingaweb2-tzo cookies
2016-02-25 14:41:42 +01:00
af18334e3e
Cookie icingaweb2-tzo: use `-' as separator
...
fixes #11126
2016-02-25 13:21:34 +01:00
b7bdf2e8d4
Implement UrlValidator
2016-02-23 16:34:18 +01:00
c7443924bd
NavigationItemRenderer: Ignore target for '#' urls
...
fixes #11197
2016-02-22 11:13:23 +01:00
9ef78e6856
Fix double escape of `&' in navigation items
...
fixes #11190
2016-02-19 15:38:34 +01:00
41a8c75a4f
FilterEditor: always escape filter embedded in HTML
2016-02-19 15:22:10 +01:00
a83ab2c7cb
Escape URLs of navigation items while rendering them
...
fixes #11091
2016-02-18 15:01:21 +01:00
2ec36667eb
Web: change bootstrap order, fixes custom auth
2016-02-18 10:16:22 +01:00
a3c7a04826
Menu: rename Configuration/Authorization to Configuration/Authentication
...
refs #10309
2016-02-17 18:56:55 +01:00
97b5800f32
LessCompiler: fix #layout usage in module CSS
2016-02-17 18:26:07 +01:00
6c39fb51f8
Menu: move Configuration/Authentication to Configuration/Application/Authentication
...
refs #10309
2016-02-17 18:23:38 +01:00
b63d2ad291
Module: fix multi-instance hook registrations
...
This fixes the problem that registering the same Hook multiple times
with the provideHook shortcut and no class name kept only one
implementation
2016-02-17 10:30:25 +01:00
b005df68a2
Fix that user dashboards are always deleted on add/update
...
fixes #11136
2016-02-17 10:17:23 +01:00
c78a7912e7
Fix parse error in Auth.php
2016-02-15 14:50:33 +01:00
45c95778ae
Merge branch 'bugfix/update-dompdf-11117'
...
fixes #11117
2016-02-15 14:42:19 +01:00
5ca40efc50
Update dompdf version number
...
refs #11117
2016-02-15 14:41:33 +01:00
74b4c344d6
Shorten check for empty auth header
...
refs #11151
2016-02-15 14:22:36 +01:00
8a4f15d32c
Don't redirect unauthenticated API requests to the login page
...
refs #11151
2016-02-15 13:36:29 +01:00
c5281935c6
Regenerate a session ID only if the session exists
...
refs #11151
2016-02-15 11:14:37 +01:00
a464e74aa4
Allow basic auth for API requests only
...
refs #11151
2016-02-15 10:53:32 +01:00
dc9cfc1c81
Call getRequest() only once in Auth::authHttp()
...
refs #11151
2016-02-15 10:44:33 +01:00
4c97fb7d01
Don't request basic auth if auth scheme isn't basic
...
fixes #10506
2016-02-15 10:39:18 +01:00
cdb873cbdb
ResourceFactory: Validate a resource's configuration
...
Probably only a quickfix, but feels still more proper than the
previous solution, on a second thought..
2016-02-12 14:19:44 +01:00
32876ca8ae
LdapUserGroupBackend: respect config option group_filter
...
refs #11142
2016-02-11 15:49:28 +01:00
8b1b171a22
Update dompdf to version 0.6.2
...
refs #11117
2016-02-11 15:13:00 +01:00
8493540f43
FilterExpression: provide default value for setCaseSensitive()
...
refs #11051
2016-02-11 13:32:42 +01:00
e97426e1df
FilterExpression: document getCaseSensitive() and setCaseSensitive()
...
refs #11051
2016-02-11 13:30:34 +01:00
ea9bc6cebd
Conform to coding guidelines
...
refs #11051
2016-02-11 13:29:00 +01:00
aae7c1150e
Implement FilterMatchNotCaseInsensitive
...
refs #11051
2016-02-11 12:00:33 +01:00
8ebc92ee44
Implement FilterMatchCaseInsensitive
...
refs #11051
2016-02-11 11:59:57 +01:00
809861cb53
FilterExpression: make case insensitive matching possible
...
refs #11051
2016-02-11 11:48:50 +01:00
a5924f2ca8
Don't rely on case sensitive usernames in navigation items stored in INI files
...
refs #11051
2016-02-10 16:22:51 +01:00
001c63e376
Don't rely on case sensitive usernames in preferences stored in INI files
...
refs #11051
2016-02-10 16:21:19 +01:00
9c592ead23
icingacli: repair command and action shortcuts
...
refs #11120
2016-02-10 13:28:34 +01:00
34afcc07b3
LdapConnection: disallow an empty root DN
...
fixes #11114
2016-02-09 10:29:08 +01:00
474803fee4
Change all license headers to only reflect a file's year of creation
...
refs #11000
2016-02-08 15:41:00 +01:00
34344915f2
Fix short array syntax in DashboardConfig
2016-01-29 08:44:31 +01:00
32f87284ad
PHP7: Fix MySQL and PostgreSQL PDO extension checks
...
refs #10251
2016-01-28 13:52:31 +01:00
4dda451c79
Fix expcetion when the dashboards folder is missing
2016-01-28 12:50:13 +01:00
c1f7b2ed2d
PHP7: Fix Zend autoload issues
...
refs #10251
2016-01-27 16:52:32 +01:00
41c05c3451
Re-add String.php for backwards compatibility
2016-01-27 16:46:55 +01:00
7fd575080e
PHP7: Rename String to StringHelper
...
refs #10251
2016-01-27 16:46:55 +01:00
b043317fd4
PHP7: Fix Only variables should be passed by reference exception in Translator
...
refs #10251
2016-01-27 16:46:54 +01:00
e9bc11d340
Fix case sensitive interpretation of dashboard config files
...
fixes #10878
2016-01-27 15:45:37 +01:00
78c1e17c20
lib/Response: Allow to control the auto-refresh interval
2016-01-27 09:14:11 +01:00
9f79f9a48b
monitoring/CLI: Fix error on CSV output
...
Signed-off-by: Eric Lippmann <eric.lippmann@netways.de>
fixes #10921
2016-01-27 09:09:52 +01:00
f7ba48eaac
CSS: Remove main-content.less
...
Not in use anymore.
2016-01-25 08:50:18 +01:00
f5945ff908
CSS: Move colors to mixins
2016-01-25 08:20:58 +01:00
d2e4664dce
Add aria-label to dropdown menu and close container control
2016-01-25 07:23:12 +01:00
Johannes Meyer
Eric Lippmann
Alexander A. Klimov
Thomas Gelf
Markus Frosch
hailthemelody@rm-laptop04
Marius Hein
Florian Strohmaier
Raphael Bicker
Uwe Ebel