Commit Graph

3292 Commits

Author SHA1 Message Date
Eric Lippmann 0edd1b5a08 doc: natcasesort files 2016-04-01 15:01:12 +02:00
Eric Lippmann a5119a7a2e Fix TreeNodeIterator::isEmpty() 2016-03-30 15:31:53 +02:00
Eric Lippmann 528be1ee79 doc: Iterate files alphabetically and directories last 2016-03-30 15:31:53 +02:00
Eric Lippmann c7aec8ae64 Respect module stylesheets again when generating the ETag
fixes 
2016-03-29 11:39:41 +02:00
Eric Lippmann 6e28b4690e Merge branch 'feature/user-getroles-10887'
resolves 
2016-03-29 11:28:56 +02:00
Eric Lippmann e0781cf8b5 Fix PHPDoc of AdmissionLoader::applyRoles()
refs 
2016-03-29 11:26:00 +02:00
Eric Lippmann 5b5978787b Move permission and restriction initialization in AdmissionLoader
refs 
2016-03-29 11:25:55 +02:00
Eric Lippmann 32c6a03000 Remove Role::addPermission()
Method is not used.

refs 
2016-03-29 11:25:53 +02:00
Eric Lippmann 123488cfc0 Remove Role::addRestriction()
Method is not used.

refs 
2016-03-29 11:25:51 +02:00
Eric Lippmann 08b70267cd Move setters after getter in Role.php
refs 
2016-03-29 11:25:47 +02:00
Eric Lippmann 3d6ae6ac26 Fix PHPDoc of User::setRestrictions()
refs 
2016-03-29 11:25:39 +02:00
Eric Lippmann 98934e9c5f lib/DbConnection: Use isset for charset check 2016-03-24 17:55:30 +01:00
Raphael Bicker ea871ea032 Fix Cannot execute queries while other unbuffered queries are active
fixes 

Signed-off-by: Eric Lippmann <eric.lippmann@netways.de>
2016-03-24 17:53:55 +01:00
Alexander A. Klimov c6eb3cd2c7 Add missing User::$roles definition
refs 
2016-03-24 16:34:32 +01:00
Alexander A. Klimov df0d3aaf1e AdmissionLoader: set the roles of the user
refs 
2016-03-24 16:24:24 +01:00
Alexander A. Klimov 57ce39834d Role: implement setPermissions() and setRestrictions()
refs 
2016-03-24 16:11:31 +01:00
Eric Lippmann f1f4cdc3cb lib: Use AdmissionLoader::applyRoles() in Auth
refs 
2016-03-24 15:30:30 +01:00
Eric Lippmann 1aa42bdaf6 lib: Add User::getRoles() and ::setRoles()
refs 
2016-03-24 15:30:07 +01:00
Eric Lippmann 6ec1878977 lib: Add Authentication/Role
refs 
2016-03-24 15:29:39 +01:00
Eric Lippmann 2699d2c9ed lib: Rename AdmissionLoader::applyPerm... to applyRoles()
refs 
2016-03-24 15:28:21 +01:00
Markus Frosch 88d973ac39 Restrict access to application log with 'application/log' permission
fixes 
2016-03-02 20:47:37 +01:00
Markus Frosch 929f45deea Fix session resume for external auths
When REMOTE_USER is not available from _SERVER (PHP internal webserver)

fixes 
2016-03-02 17:39:05 +01:00
Marius Hein 845a8b78cf Bump version 2016-02-29 22:41:58 +01:00
Thomas Gelf 1fba491160 DbConnection: fix utf8-encoded MySQL connections 2016-02-29 20:58:34 +01:00
Eric Lippmann 9c5dfc5207 Merge branch 'bugfix/benchmark-not-always-rendered-10856'
fixes 
2016-02-27 22:49:44 +01:00
Eric Lippmann 03d7f3a1f4 Ensure trailing slash if cookie path is detected automatically
Seems like IE (8, 9, ?) has problems w/o the trailing slash and additional directories on the server that start w/ the path.

refs 
2016-02-27 22:42:32 +01:00
Eric Lippmann 5f43ac8f26 Fix path, secure flag and domain of session cookies
refs 
2016-02-27 22:24:01 +01:00
Eric Lippmann 5f642879c7 Respect cookie domain config in Cookie.php
refs 
2016-02-27 22:19:37 +01:00
Alexander A. Klimov 923e902957 Web::bootstrap(): set up the request before setting up the session
refs 
2016-02-27 22:17:01 +01:00
Eric Lippmann 7cef06f981 Disable benchmark only if the layout is disabled
Benchmark should be disabled if the response is not HTML. This is most likely the case when the layout is disabled.
If Web 2 or Zend sends JSON for example, the layout is disabled.

The follwing code inside an action disables the layout (and view):
$this->_helper->layout()->disableLayout();

The following code inside an action disables the action's view script:
$this->_helper->viewRenderer->setNoRender(true);

Note that an action's view script is also disabled via setNoRender() when rendering another view script via
render() or renderScript().

Another appraoch is to check the content-type. If explicitly set to not HTML, disable benchmark:

$renderBenchmark = true;
$response = $this->getResponse();
$headers = $response->getHeaders();
foreach ($headers as $header) {
    if (strtolower($header['name']) === 'content-type'
        && stristr($header['value'], 'text/html') === false
    ) {
        $renderBenchmark = false;
        break;
    }
}
if ($renderBenchmark) {
    $layout->benchmark = $this->renderBenchmark();
}

Maybe we should also provide a action method for disabling benchmark, regardless of the user's setting.

refs 
2016-02-27 20:14:02 +01:00
Eric Lippmann bf7d082576 Fix PHPDoc of Url::addFilter() 2016-02-27 16:25:04 +01:00
Alexander A. Klimov 5b0730574d Simplify Url::addFilter()
This changes the rendered resulting Url from x&(y&z) to x&y&z.

refs 
2016-02-27 16:23:09 +01:00
Eric Lippmann 8433bf1fc1 Don't hide the filter editor from the view if the view is compact
refs 
2016-02-27 15:57:00 +01:00
Eric Lippmann d8b14cb772 Control whether a filter editor should be rendered via setVisible()
We (may) have situations where a controller or view has to access the filter editor being created via Controller::setupFilterControl().
This is impossible if the view is compact because the filterEditor will be unset. This change introduces FilterEditor::setVisible() for
giving the responsibility of rendering to the filter editor. Controller::setupFilterControl() will be adapted accordingly.

refs 
2016-02-27 15:51:13 +01:00
Eric Lippmann 88f4f68f29 Merge branch 'bugfix/move-auth-backend-configuration-to-app-config-10309'
fixes 
2016-02-27 15:25:11 +01:00
Eric Lippmann e4a0678df0 Load resources from config automatically instead of throwing an exception
fixes 
2016-02-26 12:29:30 +01:00
Eric Lippmann 9d5e21e71e Remove IniUserGroupBackend.php
Does not conform to its interface anymore and is not in use.
2016-02-26 10:32:13 +01:00
Thomas Gelf 9231746d09 functions.php: failsafe method initialization
This avoids collisions for modules not using the fake bootstrap in our
current tests. Can be removed once we fixed that.
2016-02-25 18:07:29 +01:00
Alexander A. Klimov 1bbb7a3118 Manager::detectEnabledModules(): shorten error message 2016-02-25 17:34:03 +01:00
Alexander A. Klimov 1aada1abbb Present the fact that Icinga Web 2's config directory isn't readable in a nicer way
fixes 
2016-02-25 17:31:09 +01:00
Alexander A. Klimov 45168caa37 TimezoneDetect: support comma-separated icingaweb2-tzo cookies 2016-02-25 14:41:42 +01:00
Alexander A. Klimov af18334e3e Cookie icingaweb2-tzo: use `-' as separator
fixes 
2016-02-25 13:21:34 +01:00
Alexander A. Klimov b7bdf2e8d4 Implement UrlValidator 2016-02-23 16:34:18 +01:00
Johannes Meyer c7443924bd NavigationItemRenderer: Ignore target for '#' urls
fixes 
2016-02-22 11:13:23 +01:00
Alexander A. Klimov 9ef78e6856 Fix double escape of `&' in navigation items
fixes 
2016-02-19 15:38:34 +01:00
Alexander A. Klimov 41a8c75a4f FilterEditor: always escape filter embedded in HTML 2016-02-19 15:22:10 +01:00
Alexander A. Klimov a83ab2c7cb Escape URLs of navigation items while rendering them
fixes 
2016-02-18 15:01:21 +01:00
Thomas Gelf 2ec36667eb Web: change bootstrap order, fixes custom auth 2016-02-18 10:16:22 +01:00
Alexander A. Klimov a3c7a04826 Menu: rename Configuration/Authorization to Configuration/Authentication
refs 
2016-02-17 18:56:55 +01:00
Thomas Gelf 97b5800f32 LessCompiler: fix #layout usage in module CSS 2016-02-17 18:26:07 +01:00
Alexander A. Klimov 6c39fb51f8 Menu: move Configuration/Authentication to Configuration/Application/Authentication
refs 
2016-02-17 18:23:38 +01:00
Thomas Gelf b63d2ad291 Module: fix multi-instance hook registrations
This fixes the problem that registering the same Hook multiple times
with the provideHook shortcut and no class name kept only one
implementation
2016-02-17 10:30:25 +01:00
Eric Lippmann b005df68a2 Fix that user dashboards are always deleted on add/update
fixes 
2016-02-17 10:17:23 +01:00
Alexander A. Klimov c78a7912e7 Fix parse error in Auth.php 2016-02-15 14:50:33 +01:00
Alexander A. Klimov 45c95778ae Merge branch 'bugfix/update-dompdf-11117'
fixes 
2016-02-15 14:42:19 +01:00
Alexander A. Klimov 5ca40efc50 Update dompdf version number
refs 
2016-02-15 14:41:33 +01:00
Alexander A. Klimov 74b4c344d6 Shorten check for empty auth header
refs 
2016-02-15 14:22:36 +01:00
Alexander A. Klimov 8a4f15d32c Don't redirect unauthenticated API requests to the login page
refs 
2016-02-15 13:36:29 +01:00
Alexander A. Klimov c5281935c6 Regenerate a session ID only if the session exists
refs 
2016-02-15 11:14:37 +01:00
Alexander A. Klimov a464e74aa4 Allow basic auth for API requests only
refs 
2016-02-15 10:53:32 +01:00
Alexander A. Klimov dc9cfc1c81 Call getRequest() only once in Auth::authHttp()
refs 
2016-02-15 10:44:33 +01:00
Alexander A. Klimov 4c97fb7d01 Don't request basic auth if auth scheme isn't basic
fixes 
2016-02-15 10:39:18 +01:00
Johannes Meyer cdb873cbdb ResourceFactory: Validate a resource's configuration
Probably only a quickfix, but feels still more proper than the
previous solution, on a second thought..
2016-02-12 14:19:44 +01:00
Alexander A. Klimov 32876ca8ae LdapUserGroupBackend: respect config option group_filter
refs 
2016-02-11 15:49:28 +01:00
Alexander A. Klimov 8b1b171a22 Update dompdf to version 0.6.2
refs 
2016-02-11 15:13:00 +01:00
Alexander A. Klimov 8493540f43 FilterExpression: provide default value for setCaseSensitive()
refs 
2016-02-11 13:32:42 +01:00
Alexander A. Klimov e97426e1df FilterExpression: document getCaseSensitive() and setCaseSensitive()
refs 
2016-02-11 13:30:34 +01:00
Alexander A. Klimov ea9bc6cebd Conform to coding guidelines
refs 
2016-02-11 13:29:00 +01:00
Alexander A. Klimov aae7c1150e Implement FilterMatchNotCaseInsensitive
refs 
2016-02-11 12:00:33 +01:00
Alexander A. Klimov 8ebc92ee44 Implement FilterMatchCaseInsensitive
refs 
2016-02-11 11:59:57 +01:00
Alexander A. Klimov 809861cb53 FilterExpression: make case insensitive matching possible
refs 
2016-02-11 11:48:50 +01:00
Alexander A. Klimov a5924f2ca8 Don't rely on case sensitive usernames in navigation items stored in INI files
refs 
2016-02-10 16:22:51 +01:00
Alexander A. Klimov 001c63e376 Don't rely on case sensitive usernames in preferences stored in INI files
refs 
2016-02-10 16:21:19 +01:00
Alexander A. Klimov 9c592ead23 icingacli: repair command and action shortcuts
refs 
2016-02-10 13:28:34 +01:00
Alexander A. Klimov 34afcc07b3 LdapConnection: disallow an empty root DN
fixes 
2016-02-09 10:29:08 +01:00
Alexander A. Klimov 474803fee4 Change all license headers to only reflect a file's year of creation
refs 
2016-02-08 15:41:00 +01:00
Eric Lippmann 34344915f2 Fix short array syntax in DashboardConfig 2016-01-29 08:44:31 +01:00
Eric Lippmann 32f87284ad PHP7: Fix MySQL and PostgreSQL PDO extension checks
refs 
2016-01-28 13:52:31 +01:00
Eric Lippmann 4dda451c79 Fix expcetion when the dashboards folder is missing 2016-01-28 12:50:13 +01:00
Eric Lippmann c1f7b2ed2d PHP7: Fix Zend autoload issues
refs 
2016-01-27 16:52:32 +01:00
Eric Lippmann 41c05c3451 Re-add String.php for backwards compatibility 2016-01-27 16:46:55 +01:00
Eric Lippmann 7fd575080e PHP7: Rename String to StringHelper
refs 
2016-01-27 16:46:55 +01:00
Eric Lippmann b043317fd4 PHP7: Fix Only variables should be passed by reference exception in Translator
refs 
2016-01-27 16:46:54 +01:00
Eric Lippmann e9bc11d340 Fix case sensitive interpretation of dashboard config files
fixes 
2016-01-27 15:45:37 +01:00
Eric Lippmann 78c1e17c20 lib/Response: Allow to control the auto-refresh interval 2016-01-27 09:14:11 +01:00
Uwe Ebel 9f79f9a48b monitoring/CLI: Fix error on CSV output
Signed-off-by: Eric Lippmann <eric.lippmann@netways.de>

fixes 
2016-01-27 09:09:52 +01:00
Eric Lippmann f7ba48eaac CSS: Remove main-content.less
Not in use anymore.
2016-01-25 08:50:18 +01:00
Eric Lippmann f5945ff908 CSS: Move colors to mixins 2016-01-25 08:20:58 +01:00
Eric Lippmann d2e4664dce Add aria-label to dropdown menu and close container control 2016-01-25 07:23:12 +01:00
Johannes Meyer 8a17cc5161 login: Fix that the system's default theme is not applied
fixes 
2016-01-22 16:34:31 +01:00
Eric Lippmann bc187d91c5 monitoring: Make inline pie charts accessible 2016-01-22 13:33:22 +01:00
Johannes Meyer 424557f194 StdoutWriter: Rename to StderrWriter 2016-01-21 11:47:11 +01:00
Johannes Meyer 9240d1b4e0 cli: Polish log handling
* Reintroduced Command::$isDebugging, now without typo
* Removed @deprecated from Command::$isVerbose
* Changed default log level to WARNING
* Adjusted --verbose and --debug to activate log level INFO and DEBUG, respectively
2016-01-21 11:29:28 +01:00
Johannes Meyer 790d2a3949 Cli: Do not shift --verbose away, commands may still require it 2016-01-19 15:31:05 +01:00
Johannes Meyer 37dc601505 Command: Remove property "isDebugging"
It's not used anywhere and wrong initalized anyway.
2016-01-19 15:08:20 +01:00
Johannes Meyer be239b9a22 Cli: Configure logging properly but also offer customisations 2016-01-19 15:07:17 +01:00
Eric Lippmann 9968fb9011 Reload CSS after login because the user may have a different theme (WIP)
This is just a quick fix.

refs 
2016-01-18 12:56:02 +01:00
Eric Lippmann 9a5e69a8ec Improve tab styles for accessibility 2016-01-12 08:52:30 +01:00
Eric Lippmann 79fbed0ad4 Use icon font instead of images in the dashboard settings tab extension 2016-01-12 08:52:30 +01:00
Eric Lippmann 7c1ccc685f Rename close-toggle to close-container-control 2016-01-12 08:52:30 +01:00