Commit Graph

4107 Commits

Author SHA1 Message Date
Johannes Meyer 37fb455977 js: Drop sparkline lib and behavior 2020-09-28 16:39:54 +02:00
Johannes Meyer 77244b2c1b Raise version to v2.8.2 2020-08-19 11:03:31 +02:00
Johannes Meyer c3d329bd48 Raise version to 2.8.1 2020-06-29 10:30:58 +02:00
Johannes Meyer b288d86e91 DbQuery: Return non-string args as is in `valueToTimestamp()`
fixes #4182
2020-06-24 14:09:13 +02:00
Johannes Meyer 4d173e6746 DbUserBackend: Lowercase usernames before fetching password hashes
The BINARY cast to make trailing spaces significant (#4030) also
made these queries case-sensitive. This wasn't identified at the
time because the query itself wasn't case-insensitive, but the
default collation on the `name` column. (Tests sometimes are the
perfect mitigation for this...)

fixes #4184
2020-06-24 14:08:30 +02:00
Johannes Meyer e95fac3ff1 Raise version to 2.8.0 2020-06-08 10:51:35 +02:00
Johannes Meyer 62dd0b3f1e ActionController: Fix that view variable `compact` is undefined
refs #4164
2020-06-08 09:26:36 +02:00
Johannes Meyer a240e306ed Preserve/Remove param `showCompact` instead of `view` 2020-06-04 08:50:41 +02:00
Johannes Meyer 6cf9f19048 ActionController: Shift parameter `view` if its value is `compact` 2020-06-04 08:50:41 +02:00
Johannes Meyer 60c3fd6406 FilterEditor: Use a new url from request when redirecting searches
Creating a new url has the benefit that all framework params are
still there. `$this->url()` however returns a url that's already
mangled and parameter preservation does not work for framework
params.

This is not quite the correct fix. But the entire parameter
handling here is way too convoluted.
2020-06-04 08:50:41 +02:00
Johannes Meyer 46c6201a21 Url: Add method `onlyWith()` 2020-06-04 08:50:41 +02:00
Eric Lippmann 49eb245580 CLI: Also register assets
Because assets are not registered in the CLI context,
CLI actions cannot access the full style sheet.
This is necessary for Icinga Reporting though in order to send PDF reports.
2020-06-04 07:31:02 +02:00
Eric Lippmann fce2858beb LDAP: Add option to disable server side sorting
We automatically detect whether the server supports server side sorting
and sort manually if that is not the case. But there are LDAP servers
which report that they support this feature in general but have it
disabled for certain fields.

If we send the server side control for any field that has server side
sort disabled, the LDAP server will abort the query.

With the new configuration option it is possible to disable server side
sorting and it has precedence over our automatic detection.
Since this is a very special LDAP server configuration, there is no GUI
option for this.
2020-05-25 11:08:13 +02:00
Johannes Meyer c2f380cf9b Dashlet: Use `showCompact` instead of `view=compact`
Allows dashlets to use their own value for parameter `view`
2020-05-19 16:46:58 +02:00
Johannes Meyer c40d134ea5 ApplicationBootstrap: Use L10n locales in `getLocaleDir()` if available 2020-05-11 17:05:23 +02:00
Johannes Meyer 8b8094e9cc dashboards: Increase size of dashlets in no-js envs 2020-04-15 09:42:36 +02:00
Johannes Meyer 5ed41868d9 css: Fix no-script apply styles in non-inline forms 2020-04-15 09:42:36 +02:00
Alexander A. Klimov 568619b92e Form: allow checkboxes to be required 2020-04-09 14:03:21 +02:00
Feu Mourek c2568548cf Add appropriate aria labels to donut graphs 2020-04-09 08:36:29 +02:00
Johannes Meyer d72bdc2c32 Raise version to 2.8.0-rc1 2020-03-13 10:40:35 +01:00
Eric Lippmann e11feb81f5 Don't fail with an exception if module.info is flawed 2020-03-12 14:26:15 +01:00
Eric Lippmann 3361cac59a CLI: Setup fake auth
Since version 2.7.x CLI actions load all enabled modules automatically.
This includes launching configuration.php and run.php. Though code
in those files should be restricted to a supported set of functions,
module devs may write any code here. If a module requires authentication
in those files, CLI actions fail because there is no auth possible.
With this patch, we setup a fake user named "cli" w/o any permission when
running CLI actions.
2020-03-02 14:16:28 +01:00
Eric Lippmann 990a5e4d61 Introduce Auth::setUser() 2020-03-02 14:15:53 +01:00
Johannes Meyer 3a66b0a950 FilterExpression: Pass used delimiter to `preg_quote`
fixes #4090
2020-03-02 08:39:46 +01:00
Johannes Meyer eb674509b4 BaseTestCase: Read db host and port from env vars if available 2020-01-21 14:13:15 +01:00
Johannes Meyer 05135e716e
Merge pull request #4049 from Icinga/fix/pdfexport-hooks-may-cause-bad-loading-times
Fix pdfexport hooks may cause bad loading times
2020-01-16 09:02:31 +01:00
Johannes Meyer 69d15824fb
Merge pull request #4048 from Icinga/fix/server-side-window-handling
Fix server side window handling
2020-01-16 08:57:11 +01:00
Eric Lippmann 73a4d8ac31 WebBaseHook: Make setView() fluent 2020-01-14 16:06:22 +01:00
Eric Lippmann dd500578c9 Url: Fix @return hints
Before, sublcasses of Url suffered from @return Url hints. This is
@return static now.
2020-01-14 14:26:14 +01:00
Johannes Meyer 8da37e5ca2
Merge pull request #4044 from Icinga/fix/pdf-export-error-handling
Fix pdf export error handling
2020-01-14 11:13:01 +01:00
Johannes Meyer 6a8f17faf2 OutputFormat: Just provide the pdf export if there's a hook available
Calling `isSupported()` is bad here since there may be IO involved.
2020-01-14 11:01:53 +01:00
Johannes Meyer 29aaa363b4 Pdf: Utilize an pdfexport hook without calling `isSupported()`
If it's not supported, users should disable the module. If there
are multiple hooks supported at some point we need to touch this
again anyways. So that should suffice for now.
2020-01-14 10:59:01 +01:00
Johannes Meyer 9fe43dda5f ActionController: Drop method `handlerBrowserWindows()` 2020-01-14 10:14:02 +01:00
Johannes Meyer 855bb8ae72 Properly handle window id's and container id's 2020-01-14 10:14:02 +01:00
Johannes Meyer 2d3fc218db Window: Differentiate between window and container id 2020-01-14 10:14:02 +01:00
Johannes Meyer d459e58aca Response: Add methods to override the client's window id 2020-01-14 10:14:02 +01:00
Johannes Meyer 098bcfb98f LdapConnection: Ignore unknown vendor upon inspection 2020-01-13 13:46:32 +01:00
Johannes Meyer 7bb9c8e25f LdapConnnection: Don't pass param `$serverCtrls` to `ldap_search` prior php 7.3
refs #4013
2020-01-13 13:17:40 +01:00
Johannes Meyer 5a58279995 ActionController: Don't render exceptions as PDF 2020-01-10 14:11:52 +01:00
Johannes Meyer 5943e6bde9 Pdf: Restore previous state after rendering content
In case an exception occurs its output was previously merged
with the rendered content or even PDF..
2020-01-10 14:11:40 +01:00
Johannes Meyer f63dfa5294 DbUserBackend: Use binary string comparison if it's a mysql db 2019-12-11 10:15:05 +01:00
Johannes Meyer e6d9819adb FilterQueryString: Parse numbers as floats in range conditions 2019-12-09 09:39:50 +01:00
Johannes Meyer dc8981f209 ConfigFormEventsHook: Use base class `Icinga\Web\Form` in type hints 2019-12-09 09:01:33 +01:00
Johannes Meyer 4157821c89 IcingaCheckbox: Don't `display:none` the checkbox but add `.sr-only` to it 2019-12-05 16:12:41 +01:00
Johannes Meyer 668ae38497 ExternalBackend: Don't authenticate a user if `REMOTE_USER` is empty 2019-12-05 15:13:02 +01:00
Johannes Meyer d0857345d0 DbConnection: Set `COLLATE 'latin1_general_ci'` for `latin1` charsets
MySQL 8+ seems a bit more strict now.
2019-12-05 14:18:17 +01:00
Johannes Meyer 8519bb5d11 User: Don't return true if any permission is granted and `*` is required 2019-12-05 08:44:33 +01:00
Johannes Meyer 7b488d7f93 swag: Fix violations of PSR-12
PSR-2 has been deprecated and phpcs v3.5.3
now checks for the successor PSR-12
2019-12-04 11:28:08 +01:00
Johannes Meyer 9c94b9cde7 vendor/lessphp: Check for an array before accessing an offset
https://www.php.net/manual/en/migration74.incompatible.php#migration74.incompatible.core.non-array-access
2019-12-04 11:28:08 +01:00
Johannes Meyer 369ffa758e zend/Registry: Don't override method `offsetExists()`
It's not possible to use `array_key_exists()` on objects anymore
(https://www.php.net/manual/en/migration74.deprecated.php#migration74.deprecated.core.array-key-exists-objects)
and since the referenced bug (http://bugs.php.net/bug.php?id=40442)
only applied to PHP 5.2.0 it's now obsolete.
2019-12-04 11:28:08 +01:00
Johannes Meyer d34909bbac vendor/lessphp: Avoid curly braces to access array offsets
https://www.php.net/manual/en/migration74.deprecated.php#migration74.deprecated.core.array-string-access-curly-brace
2019-12-04 11:28:08 +01:00
Johannes Meyer 0a44bbc804 vendor/Zend: Avoid curly braces to access array offsets
https://www.php.net/manual/en/migration74.deprecated.php#migration74.deprecated.core.array-string-access-curly-brace
2019-12-04 11:28:08 +01:00
Johannes Meyer 67dd439673 vendor/HTMLPurifier: Avoid curly braces to access array offsets
https://www.php.net/manual/en/migration74.deprecated.php#migration74.deprecated.core.array-string-access-curly-brace
2019-12-04 11:28:08 +01:00
Johannes Meyer 0442c4f0ab View: Ignore setting `short_open_tag`
Adjusting class `Zend_View_Stream` according to https://www.php.net/manual/en/migration74.incompatible.php#migration74.incompatible.core.stream-wrappers
didn't work. (*syntax error, unexpected end of file* after every last php statement in phtml files)

So.. since `<?= ?>` instructions are permanently available since PHP 5.4 (https://www.php.net/manual/en/language.basic-syntax.phptags.php)
we'll just omit using a custom stream wrapper now.
2019-12-04 09:35:24 +01:00
Johannes Meyer 7bc1893a24 LdapConnection: Don't utilize `ldap_control_paged_result()` on PHP 7.3+
https://www.php.net/manual/en/migration74.deprecated.php#migration74.deprecated.ldap
2019-12-04 09:33:13 +01:00
Johannes Meyer 9b1dc44130 FilterEditor: Also trim trailing whitespace from search values
Simple values are wrapped with `*` anyway, so trimming all
whitespace doesn't pose an issue. (Even if inserted intentionally)
This doesn't apply to qualified search values. (e.g. `host = abc `)

resolves #4002
2019-12-03 10:33:00 +01:00
Eric Lippmann 9f4e29b56c JS/CSS: Load modal behavior and styles 2019-11-04 12:46:30 +01:00
Eric Lippmann c196631f5a Add Markdown::line() 2019-10-31 14:41:39 +01:00
Johannes Meyer e0be21f655 Raise version to 2.7.3 2019-10-18 07:41:53 +02:00
Johannes Meyer 362c30c1dd Raise version to 2.7.2 2019-10-16 08:12:09 +02:00
Johannes Meyer 8e5380220c SimpleQuery: Cache count query result and use it in `hasResult()`
Does not affect views which do not run a count query. (e.g. dashlets)
Though, this is a quick win for all other views with which the user
interacts directly and gets the desired result quicker than before.

refs #3905
refs #3836
2019-10-11 10:27:43 +02:00
Johannes Meyer 52d830170f LessCompiler: Put required assets into a module's css block
We have to include these there otherwise mixins from assets
can't be used.
2019-10-01 15:30:17 +02:00
Johannes Meyer 5352e72d1f
Merge pull request #3946 from Icinga/fix/wrong-dashlet-order-3931
Fix wrong dashlet order
2019-09-26 14:34:13 +02:00
Johannes Meyer d699191629
Let modules provide css/js assets to be used by other modules (#3961) 2019-09-25 09:53:53 +02:00
Johannes Meyer f98f988aff Remove tristate form element 2019-09-23 08:36:24 +02:00
Johannes Meyer d4dc282ac8 DashboardContainer: Allow to define a priority for dashlets
refs #3931
2019-09-09 14:43:28 +02:00
Johannes Meyer 04b23811be Raise version to 2.7.1 2019-08-14 13:10:19 +02:00
Eric Lippmann c8ed889114 Fix operator in wildcard filter chains 2019-08-13 17:19:45 +02:00
Eric Lippmann 31d3153d2b Support wildcard filters in chains (#3903) 2019-08-12 13:41:38 +02:00
Eric Lippmann 666bdfb4c4 Revert "Fix double query execution"
This reverts PR 6ea012af7e, reversing
changes made to be5b9f870b.

The reverted commit fixed a double query execution bug by only executing
the query once in either SimpleQuery::hasResult() or upon iteration.

But the fix (b20291a60) introduced two problems:

* Default sort rules no longer work
* Show more links missing

We work with DataView objects in our controllers and views. When
iterating over a DataView, it applies its default sort rules and then
returns the underlying query, see DataView::getIterator().

DataView::hasResult() on the other hand does not apply the default sort
rules. So, if hasResult() is called first, the default sort rules are no
longer applied because the query will be executed only once.
The fix would be as easy as to apply sorting in DataView::hasResult() as
well.

But now the show more part kicks in. We know whether there are more
results because we execute queries with $limit + 1. This is enabled via
SimpleQuery::peekAhead(). Unfortunately, we call
SimpleQuery::peekAhead() ALWAYS after SimpleQuery::hasResult(). And
that's why the show more links are missing because the query is executed
only once with the "wrong" limit.

For now, we just revert the commit in question and postpone a proper fix
for the double execution.
2019-08-07 13:29:57 +02:00
Eric Lippmann f35946df29 Raise version to 2.7.0 2019-07-30 10:19:53 +02:00
Eric Lippmann b8fb193bdd Add FilterChain::setFilters() 2019-07-30 09:17:25 +02:00
Johannes Meyer b31dd77812
Merge pull request #3676 from Icinga/feature/form-styling
Improve look of our forms
2019-07-30 08:26:08 +02:00
Markus Frosch c66d206042 Cleanup executable flags on files
Some or scripts, but if so just vendor artifacts
2019-07-30 07:53:54 +02:00
Johannes Meyer 9cdf37410c ApplicationStateMessages: Fix message layout 2019-07-29 10:19:39 +02:00
Johannes Meyer 13ad506393 css: Rename class `icinga-forms` to `icinga-form` 2019-07-29 10:17:59 +02:00
Johannes Meyer 212606de78 setup: Apply new icinga form style 2019-07-29 10:17:59 +02:00
Johannes Meyer 0bc70a840c SortBox: Apply icinga form style 2019-07-29 10:17:59 +02:00
Johannes Meyer 346083109a Apply new form style to the filter editor 2019-07-29 10:17:59 +02:00
Johannes Meyer 05613c413d Enhance toggle-switch, spinner and control-info placement
tested with Chromium, IE11 (Win7), Edge (Win10)
2019-07-29 10:17:59 +02:00
Johannes Meyer 115bb80c6a View: Register our own view helper path
That's a different path than application/views/helpers because this one
uses a namespace so that we're able to extend Zend's view helpers
2019-07-29 10:17:59 +02:00
Johannes Meyer bc2e7588d7 FormNotifications: Don't ignore warning and error notifications 2019-07-29 10:17:59 +02:00
Johannes Meyer a5f292c2ae Form: Define classes `icinga-forms` and `icinga-controls` by default 2019-07-29 10:17:59 +02:00
Florian Strohmaier f14256a7ee CSS: Adapt form design with filter editor
refs #3676
2019-07-29 10:17:59 +02:00
Florian Strohmaier f70f996085 Announcements: Increase font-size and align control layout
refs #3676
refs #3560
refs #3839
2019-07-29 10:17:59 +02:00
Florian Strohmaier c492c6bb23 Announcements: Avoid duplicate `id attribute
refs #3762
2019-07-29 10:17:59 +02:00
Eric Lippmann c49f5d6a0f Don't override Zend's Checkbox for our toggle switch 2019-07-29 10:17:59 +02:00
Eric Lippmann 41ee36c7e6 Reduce default textarea rows 2019-07-29 10:17:59 +02:00
Jennifer Mourek bf48b6d26b WIP: New form styles
Signed-off-by: Eric Lippmann <eric.lippmann@icinga.com>
2019-07-29 10:17:59 +02:00
Johannes Meyer 9d0ef4cf33 Wrap any markdown output with a `<section>` and remove explicit containers 2019-07-23 14:45:32 +02:00
Johannes Meyer 9de9fe8f39 Introduce class RolesConfig 2019-07-23 13:53:29 +02:00
Johannes Meyer 1f0ee9b0d4 IniRepository: Fix wrong documentation for $configs 2019-07-23 13:53:29 +02:00
Johannes Meyer 40529e76ef
Merge pull request #3858 from Icinga/feature/downtime-schedule-times
Require time output for downtime schedule and end/expire times
2019-07-18 08:47:55 +02:00
Johannes Meyer fcde2a9eea dashboard: Use the non-translated versions of pane and dashlet names for storage
This is a dirty quick fix. And calling it *quick* is already an overstatement.
Of course, it's also a breaking change, as **all** non-english users need to
update their dashboard.ini after this change.

Oh, and don't dare to move this over to the new dashboards!

refs #3542
2019-07-18 08:33:35 +02:00
Johannes Meyer 4fdfb190ad Navigation/DashboardPane: Properly register dashlets as children
refs #3542
2019-07-18 08:33:35 +02:00
Johannes Meyer 37a972cf75 dashboard: Differentiate between `name` and `title`
The former is the original name while title may
be changed by the user. This change is strictly
necessary for the references bug and should also
be introduced when rewriting this mess.

refs #3542
2019-07-18 08:33:35 +02:00
Johannes Meyer f8d3f43965 js: Drop vendor library tipsy 2019-07-18 07:57:14 +02:00
Johannes Meyer eac3a106ad Render `<title>` tags for line and bar charts instead of tipsy titles 2019-07-18 07:57:14 +02:00
Johannes Meyer c100654412 js: Integrate vendor library jquery-migrate 2019-07-18 07:57:14 +02:00
Johannes Meyer 91e4baa221 Remove remaining special cases for IE8 2019-07-18 07:57:14 +02:00
Jennifer Mourek 07586af41f Remove IE8 & IE9 traces 2019-07-18 07:56:09 +02:00
Florian Strohmaier 7cf620f3f1 JS: Use jquery 3.4.1
refs #3813
2019-07-18 07:56:09 +02:00
Jennifer Mourek 55d35b9e5b Remove jquery 1.11 dependency
refs #3784
2019-07-18 07:56:09 +02:00
Johannes Meyer e2cddc2d46 js: Introduce storage.js, a localStorage abstraction layer 2019-07-17 13:12:41 +02:00
Johannes Meyer 0574f44bd9 colllapsibleContainer.js: Rename to collapsible.js 2019-07-17 13:12:41 +02:00
Florian Strohmaier b07ffd4987 JS: Implement collapsible-container behavior 2019-07-17 13:12:41 +02:00
Eric Lippmann f9021e8fdd Add $requireTime to timeAgo() and timeSince() too 2019-07-15 10:11:52 +02:00
Johannes Meyer 5145de6b50
Merge pull request #3852 from Icinga/feature/cli-load-enabled-modules
CLI: Automatically load enabled modules if not disabled
2019-07-15 08:39:57 +02:00
Johannes Meyer 3edda43bca ActionController: Utilize view variable `$defaultTitle` instead of the constant
Allows controllers to also customize the default title with translated contents.

refs #3851
2019-07-15 08:24:44 +02:00
Eric Lippmann 16fbf6d7bd Introduce ConfigFormEventsHook 2019-07-15 07:52:32 +02:00
Eric Lippmann 98b8631db3 Optimize imports 2019-07-12 14:23:41 +02:00
Eric Lippmann 6fa5af4de1 CLI: Automatically load enabled modules if not disabled 2019-07-12 14:23:41 +02:00
Johannes Meyer 5d87f6712e
Merge pull request #3856 from Icinga/feature/send-failed-login-attempts-to-the-audit-log-3855
Send failed login-attempts to the audit log
2019-07-12 14:00:09 +02:00
Johannes Meyer 2257eaa0c1
Merge pull request #3849 from Icinga/feature/commonly-accessible-module-hooks-3772
Add possibility to disable permission checks for hooks
2019-07-12 13:59:44 +02:00
Johannes Meyer b06103bfc5 NavigationItemRenderer: Don't fail to render an icon if there's none
fixes #3859
2019-07-12 07:42:33 +02:00
Johannes Meyer 59fa054d42 AuthChain: Send failed login-attempts to the audit log
resolves #3855
2019-07-11 14:41:17 +02:00
Loei Petrus Marogi 617f1b35b3 Add possibility to let hooks always run
refs #3772
2019-07-11 13:36:33 +02:00
Eric Lippmann 1351be7da8 Add param to timeUntil() to require time output
If the time specified in timeUntil() is at least 3 days in the future,
the output will only contain the month and the day. With $requireTime it
will also ouput the time. This is useful for some views, e.g.
scheduled downtimes.
2019-07-11 13:07:17 +02:00
Niko Martini 7abd1b906b Cli: add version command
refs #3763
2019-07-11 08:17:56 +02:00
Johannes Meyer 801a6719b7
Merge pull request #3835 from Icinga/fix/problem-badges-not-visible-if-sidebar-is-collapsed-3568
ui: Show problem badges in collapsed sidebar
2019-07-11 08:00:12 +02:00
Johannes Meyer f0b5d8fd8e BadgeNavigationItemRenderer: Round counts to the neareset base
refs #3568
2019-07-03 11:29:37 +02:00
Johannes Meyer 559d57d466
Merge pull request #3834 from Icinga/fix/tactical-overview-big-numbers
Support higher number of problems in the tactical overview
2019-07-02 15:38:52 +02:00
Johannes Meyer 36524bcd94
Merge pull request #3814 from Icinga/feature/make-notes-and-comments-markdown-aware-3684
Make notes, comments and announcements markdown aware
2019-07-02 15:30:21 +02:00
Johannes Meyer 6ea012af7e
Merge pull request #3836 from Icinga/fix/query-double-execution
Fix double query execution
2019-07-02 13:56:50 +02:00
Eric Lippmann b20291a606 Fix double query execution
Our monitoring list views call SimpleQuery::hasResult() first in
order to determine whether there are results to display. This calls
fetchRow() which executes the underlying query the first time. If there
are resulsts, the query is iterated which executes the query again.
With this patch, SimpleQuery::hasResult() makes use of the inner
iterator instead of calling fetchRow(). The query is now executed only
once.
2019-06-27 15:11:45 +02:00
Johannes Meyer 6aa2cf69c7 HtmlPurifier: Enable cache directory
refs #3814
2019-06-27 14:41:13 +02:00
Niko Martini cae8cea482 Support higher number of problems in the tactical overview
refs #3746
2019-06-27 11:06:07 +02:00
Johannes Meyer 44c7c427e8 vendor: Update dompdf to version 0.8.3
refs #3785
2019-06-27 09:39:41 +02:00
Johannes Meyer 3f7b317ced vendor: Update lessphp to version 0.5.0
refs #3785
2019-06-27 09:21:13 +02:00
Johannes Meyer cdaef76faf vendor: Update Parsedown to version 1.7.3
refs #3785
2019-06-27 09:20:11 +02:00
Johannes Meyer 0aa32c7ef1 vendor: Update JShrink to version 1.3.2
refs #3785
2019-06-27 09:19:36 +02:00
Johannes Meyer 74642d1cf7 FileCache: Add method to prepare sub directories
refs #3814
2019-06-25 16:18:26 +02:00
Johannes Meyer bd2060739e announcements: Transform markdown markup 2019-06-25 15:04:04 +02:00
Johannes Meyer 1ac5557187 lib: Introduce Markdown view helper
refs #3684
2019-06-25 15:01:35 +02:00
Johannes Meyer dd664aab98 Url: Trim all leading slashes from paths, not just the first
refs #3829
2019-06-25 09:18:15 +02:00
Johannes Meyer dbd5e064ff
Merge pull request #3812 from Icinga/fix/cli-css-path
CLI: Fix CSS path
2019-06-05 14:09:24 +02:00
Johannes Meyer 40e27f8e2a LdapConnection: Properly render logical NOTs with only single expression
fixes #3818
2019-06-05 12:59:36 +02:00
Eric Lippmann b9c2c45af1 CLI: Fix CSS path
CLI commands which require our LESS parser had no access to our CSS
because the public path was set to the path of the icingacli executable
which is most likely bin.
2019-06-04 09:43:39 +02:00
Johannes Meyer 09090bcf9f
Merge pull request #3553 from oliverrahner/patch-1
Enable `$user:local_name$` placeholder in restrictions
2019-06-04 07:33:51 +02:00
Oliver Rahner 6ad74ef1cc
renamed variable $currentUser$ to $user:local_name$
updated docs, too
2019-06-03 23:56:21 +02:00
Johannes Meyer dcbb477d3a AnnouncementIniRepository: Also fetch column `start` in `findActive()` 2019-05-23 10:05:14 +02:00
Johannes Meyer de82dbe2ab
Merge pull request #3778 from Icinga/fix/browser-language-not-used-3750
Also adjust env var `LANGUAGE` when setting up the locale
2019-05-22 12:45:33 +02:00
Johannes Meyer 5d9aa0895f
Merge pull request #3570 from MVKozlov/patch-1
Return non-zero on display usage
2019-05-22 12:21:46 +02:00
Max Kozlov 27d12163c4 Icingacli should return UNKNOWN code, showUsage() also should return non-zero 2019-05-21 09:48:38 +03:00
Johannes Meyer 4af672fdfa Translator: Also adjust env var `LANGUAGE` when setting up the locale
fixes #3750
2019-05-10 12:33:31 +02:00
Elias Probst 483a9d1935 Typo (`Issueing` > `Issuing`) (#3773) 2019-05-03 15:56:47 +02:00
Johannes Meyer eb7db67dee
Merge pull request #3578 from Icinga/fix/cli-command
Fix uninitialized array and module in Cli\Command
2019-04-26 15:55:45 +02:00
Johannes Meyer 498f37d4ff
Command: Function getMainConfig should not deliver module config
Co-Authored-By: mxhash <mxhash@users.noreply.github.com>
2019-04-26 14:37:06 +02:00
Johannes Meyer c0e102cedd Release version 2.6.3
(cherry picked from commit 78d215ce36)
Signed-off-by: Johannes Meyer <johannes.meyer@icinga.com>
2019-04-24 14:49:21 +02:00
Johannes Meyer 1c0a70d152
Merge pull request #3758 from Icinga/fix/ldap-group-members-not-found-3650
Fix LDAP group members not found
2019-04-23 15:02:16 +02:00
Johannes Meyer a2d30a100c LdapQuery: Make all applied filters case-insensitive
LDAP peforms case-insensitive checks by default so do we now.

fixes #3650
2019-04-23 14:36:08 +02:00
Johannes Meyer 1d341f9253 LdapConnection: Include the normalized hostname in all informational messages
refs #3639
2019-04-23 10:55:23 +02:00
Johannes Meyer d998bd9894 LdapConnection: Normalize the hostname in all cases, not just for LDAPS
refs #3639
2019-04-23 10:54:40 +02:00
Johannes Meyer 0be1053197
Merge pull request #3748 from Icinga/feature/sortable-announcements-page-3414
Sortable announcements page
2019-04-18 14:51:16 +02:00
Johannes Meyer b50091fc21
Merge pull request #3747 from Icinga/bugfix/setuptimezone
ApplicationBootstrap#setupTimezone(): ensure a vaild default timezone to be set in any case
2019-04-17 14:46:22 +02:00
Johannes Meyer 4d0a9fb289 DbConnection: Rename getTimezoneOffset() to defaultTimezoneOffset()
refs Icinga/icingaweb2-module-director#1837
2019-04-17 12:30:33 +02:00
Johannes Meyer 9d30cfc3b7 IniParser: Add work-around for php bug 76965
refs #3733
2019-04-17 10:00:42 +02:00
Johannes Meyer 14b6e40562 DbConnection: Set current user's timezone on the connection
resolves #3525
2019-04-16 15:57:27 +02:00
Johannes Meyer db3cc699f7 ArrayDatasource: Store any type of key as a key column's value
fixes #3510
2019-04-16 13:26:48 +02:00
Johannes Meyer 37df008d7f AnnouncementIniRepository: Don't transform retrieved timestamps to DateTime
refs #3414
2019-04-16 13:03:16 +02:00
Johannes Meyer 032ca7ae50 SimpleQuery: Fail in case of missing order columns
refs #3414
2019-04-16 12:01:49 +02:00
Johannes Meyer e22d7daab6 SimpleQuery: Don't fail to order results based on sequenced column arrays
refs #3414
2019-04-16 12:00:55 +02:00
Alexander A. Klimov 5d4cdfe13f ApplicationBootstrap#setupTimezone(): ensure a vaild default timezone to be set in any case 2019-04-16 10:35:36 +02:00
Johannes Meyer 8fc467ca3c
Merge pull request #3714 from ignasr/fix/ldaps-port-3713
use the correct LDAPS port
2019-04-12 09:36:33 +02:00
ignasr 12ee9580a9 When using LDAPS, check if the Host field has hostnames with ports and use the value from Port field if not. 2019-04-12 08:57:52 +02:00
Johannes Meyer 3fe810ecf9 Form: Properly preserve defaults from DateTimePicker elements
fixes #3612
2019-04-10 10:51:36 +02:00
Johannes Meyer ccc2f487f6
Merge pull request #3706 from Icinga/fix/multiline-values-in-ini-files-broken-3705
Fix multiline values in ini files broken
2019-04-05 08:44:46 +02:00
Eric Lippmann 915c7b8fe5
Merge pull request #3504 from Icinga/fix/collapsible-sidebar-issues-3187
Fix collapsible sidebar issues
2019-03-21 09:09:27 +01:00
Jennifer Mourek b3b80fdc31 Make active first-level nav items better distinguishable 2019-03-20 11:07:39 +01:00
Jennifer Mourek 61b0d8aa90 Add icon with first letter of the li if there is no icon set else default to icon-circle 2019-03-20 11:07:39 +01:00
ignasr 9b1f49413d use the correct LDAPS port
refs #3713
2019-03-08 18:49:20 +01:00
Johannes Meyer 769d490631 config: Escape and unescape line breaks in ini values
refs #3705
2019-03-04 12:16:06 +01:00
Eric Lippmann 403c2d3495
Merge pull request #3481 from marianrh/feature/optionally-disable-mysql-server-certificate-validation
Allow disabling MySQL server certificate validation by setting ssl_do_not_verify_server_cert
2019-02-26 10:39:21 +01:00
Eric Lippmann b6e8151582
Merge pull request #3677 from Icinga/fix/escaped-ini-characters-3648
Fix escaped ini characters
2019-02-26 10:03:54 +01:00
Eric Lippmann 57f54b0f76
Merge pull request #3667 from Icinga/bugfix/undefined-offset-100-3589
Format::seconds(): handle negative values as expected
2019-02-26 09:59:24 +01:00
Thomas Gelf a487f83f99 Loader: fix indentation...
...it's too early in the morning, wrong .vimrc on this system - sorry.
2019-02-20 05:48:04 +01:00
Thomas Gelf 07776c54f3 Upload: do not fail on PHP 7.2
fixes #3689
2019-02-20 05:41:23 +01:00
Thomas Gelf 7868216d04 Loader: close clicommands directory after use
fixes #3688
2019-02-20 05:36:08 +01:00
Johannes Meyer ed7ecb32a5 IniParser: Properly unescape special characters in section names and option values
refs #3648

Signed-off-by: Eric Lippmann <eric.lippmann@icinga.com>
2019-02-05 11:30:55 +01:00
Eric Lippmann 9571d1059f Fix URLs in our image helper having multiple params 2019-01-25 09:20:55 +01:00
Alexander A. Klimov c04b2594a6 Format::seconds(): handle negative values as expected
refs #3589
2019-01-17 16:40:27 +01:00
Thomas Gelf 08c879249b Auth: do not ask for unrelated group membership
If a specific User-Backend has been assigned to a Group Backend, and
the User has been authenticated by another User-Backend, then there is
no need to ask the unrelated Groups Backend for membership.
2018-12-18 14:51:13 +01:00
Markus Frosch 4081a85d90 Introduce Icinga\Util\Environment to manage limits
And replace the code in Icinga\File\Pdf with the new helper.
2018-12-05 15:42:48 +01:00
Eric Lippmann 87da1e76cd Respect php.ini limits when exporting to PDF 2018-12-05 15:12:03 +01:00
Markus Frosch a95e645236
Merge pull request #3643 from Icinga/feature/db-oracle-hostname-optional
DbConnection: Make host optional for Oracle connections
2018-12-05 15:09:46 +01:00
Markus Frosch f4f61dff5b vendor: Update dompdf to a fixed version for PHP 7.3
https://github.com/dompdf/dompdf/pull/1854
2018-12-05 14:57:21 +01:00
Markus Frosch ecfaf7cede GridChart: Fix compatibility issues with PHP 7.3 2018-12-05 14:57:21 +01:00
Markus Frosch 87e81e6b3a vendor: Update JShrink to 1.3.1
This fixes mainly problems with PHP 7.3.
2018-12-05 14:57:21 +01:00
Markus Frosch 5f52871b61
Merge pull request #3645 from Icinga/feature/zf1-php73
vendor: Update zf1 for PHP 7.3
2018-12-04 16:47:08 +01:00
Markus Frosch 113a10481b vendor: Update zf1 for PHP 7.3 2018-12-04 16:43:30 +01:00
Markus Frosch 2df8132c46 DbConnection: Make host optional for Oracle connections 2018-12-04 15:50:53 +01:00
Bas Couwenberg 075eb17005 Use continue <N> in case statements to fix ErrorException with PHP 7.3.
```
Fatal error: Uncaught ErrorException: "continue" targeting switch is equivalent to "break". Did you mean to use "continue 2"?
```
2018-11-23 18:34:56 +01:00
Eric Lippmann 081b90e92f Raise version to 2.6.2 2018-11-20 12:39:21 +01:00
Eric Lippmann d919e23d0b
Merge pull request #3585 from Icinga/feature/enhanced-ldap-logging
Feature/enhanced ldap logging
2018-11-15 11:28:47 +01:00
Eric Lippmann 0c06ec7431
Merge pull request #3558 from Icinga/fix/permission-test-in-hook-has
Fix permission test in Hook::has()
2018-11-15 11:26:07 +01:00
Eric Lippmann 1268c16a7f
Merge pull request #3588 from Icinga/fix/problems-the-world-has-and-ever-will
Fix problems the world has and ever will
2018-11-15 11:25:48 +01:00
Thomas Gelf b4afdf4115 DbConnection: do not fail for MySQL 8
fixes #3611
2018-11-08 11:11:37 +01:00
Michael Friedrich d1fb3b3674 Update URL to https://icinga.com 2018-10-18 11:02:57 +02:00
Markus Frosch 39f5b5e2cd LdapConnection: Ensure port and timeout are numbers 2018-10-16 14:44:01 +02:00
Markus Frosch 3f782460dc LdapConnection: Add timeout setting with a useful default value 2018-10-16 14:35:50 +02:00
Johannes Meyer 86ae8c12df IniParser: Use mode INI_SCANNER_RAW to parse ini files 2018-10-10 09:44:11 +02:00
Johannes Meyer 4e6b936862 helpers/url: Properly escape image urls 2018-10-10 09:44:11 +02:00
Johannes Meyer 77bb1944db Web: Setup the logger earlier in the bootstrap process
Previously only ERROR got logged (to syslog only) up until
setupLogger() was called. This prevented any other message
level from being logged. It's now required to be able to
log in the Auth singleton. It also fixes the problem that
during setupSession() some warnings were never visible
due to the same reason.
2018-10-08 14:03:34 +02:00
Johannes Meyer 2f9037e545 Auth: Log which groups were identified for the user being authenticated 2018-10-08 14:02:26 +02:00
Johannes Meyer d8e3f23342 LdapCapabilities: Log which attributes were discovered 2018-10-08 10:34:27 +02:00
Johannes Meyer 3c69a63ce3 LdapUserGroupBackend: Log what the ambiguity check does 2018-10-08 10:34:27 +02:00
Marius Hein ae469311be Fix uninitialized array and module in Cli\Command 2018-09-24 13:48:22 +02:00
Max Kozlov 65591c829f
Update Cli.php 2018-09-08 01:37:33 +03:00
Max Kozlov a55e32b1a1
Return non-zero on display usage
`Icingacli` should return non-zeno status code when display usage messages
 for example for invalid commands

https://github.com/Icinga/icinga2/issues/6585#issuecomment-418681789

It is good for automation and helps mitigate typing errors
2018-09-05 22:16:25 +03:00
Eric Lippmann 7e4b92b714 Fix permission test in Hook::has()
Before, only the first hook for the given type was tested. If this hook
belonged to a not permitted module, Hook::has() returned false. Though
there may have been other hooks which are permitted.
2018-08-16 17:03:42 +02:00
Oliver Rahner 34eadb7f29
Enable `$currentUser` placeholder in restrictions
implements #3493
2018-08-08 15:15:02 +02:00
Eric Lippmann b3e0b5d587 Raise version to 2.6.1 2018-08-02 12:46:39 +02:00
Eric Lippmann 0f075b034b Respect permissions in Hook::has() 2018-07-26 11:51:23 +02:00
Johannes Meyer c0f99539ff Raise version to v2.6.0 2018-07-19 09:27:11 +02:00
Eric Lippmann dd9e8c8ba9 Revert "Merge pull request #3487 from Icinga/fix/web-bootstrap"
This reverts commit b12b905076, reversing
changes made to c633c86db7.

refs #3500
2018-07-18 15:29:55 +02:00
Eric Lippmann 121bd545d1
Merge pull request #3530 from Icinga/feature/enforce-a-named-identity-for-audit-logs
AuditHook: Enforce a named identity and allow to pass a explicit time
2018-07-18 15:27:45 +02:00
Johannes Meyer f28f7150fc AuditHook: Enforce a named identity and allow to pass a explicit time 2018-07-18 14:45:00 +02:00
Eric Lippmann 7d47875241 Introduce PdfexportHook 2018-07-18 14:22:18 +02:00
Marian Rainer-Harbach 5e40405a12 Allow disabling MySQL server certificate validation by setting ssl_do_not_verify_server_cert
Signed-off-by: Eric Lippmann <eric.lippmann@icinga.com>
2018-07-16 11:41:13 +02:00
Eric Lippmann 67929064cc
Merge pull request #3526 from Icinga/fix/some-xss-vulnerabilities
Fix some XSS vulnerabilities
2018-07-16 09:58:23 +02:00
Eric Lippmann 11f1a287ab
Merge pull request #3519 from Icinga/fix/mysql-ssl-connection-error-brings-up-no-explanation-3249
Pdo\Abstract: Properly handle incomplete error messages
2018-07-16 09:56:26 +02:00
Johannes Meyer 84622bf27b Fix some XSS vulnerabilities
Only a real issue with <= IE9 as other browsers properly escape
urls prior transmission.

Signed-off-by: Eric Lippmann <eric.lippmann@icinga.com>
2018-07-16 09:53:30 +02:00
Johannes Meyer bf5c6a56b3 Revert "Fix some XSS vulnerabilities"
Accidentally pushed. Should re-enter with #3521.
2018-07-11 16:37:39 +02:00
Johannes Meyer b97933a146 Fix some XSS vulnerabilities
Only a real issue with <= IE9 as other browsers properly escape
urls prior transmission.
2018-07-11 13:10:57 +02:00
Johannes Meyer 44bfdd3986 Pdo\Abstract: Properly handle incomplete error messages
fixes #3249
2018-07-10 14:54:28 +02:00
Eric Lippmann 6cddd6beed
Merge pull request #3508 from Icinga/fix/filter-entries-are-deleted-when-pushing-enter-3454
FilterEditor: Add a hidden submit button to the start of the form's m…
2018-07-10 09:28:35 +02:00
Eric Lippmann b88c6b0a6e
Merge pull request #3516 from Icinga/feature/application-state-hook
Application state hook
2018-07-10 09:14:26 +02:00
Eric Lippmann 47405127d0 Add config to hide/show pplication state messages
refs #2835
2018-07-09 16:28:28 +02:00
Eric Lippmann d18d05ccee Introduce ApplicationStateHook
refs #2835
2018-07-09 16:28:25 +02:00
Eric Lippmann 303637df3c
Merge pull request #3452 from Icinga/feature/drop-php-lt-56-support
Drop support for PHP < 5.6
2018-07-09 09:18:18 +02:00
Johannes Meyer 6e6251604b FilterEditor: Add a hidden submit button to the start of the form's markup
When pushing enter our JS mimics what a browser would do. And that is
pushing the first submit button found in the form. Without this, that's
a delete button of the first logical junction. (the root condition)

fixes #3454
2018-07-06 10:41:49 +02:00
Eric Lippmann 189b519135
Merge pull request #3486 from Icinga/fix/request-parses-json-without-respecting-content-type-3484
Fix that Request parses json without respecting content type
2018-07-05 13:19:27 +02:00
Johannes Meyer 1f677e64f6 ActionController: Force HTTP redirects in method redirectHttp()
That's what its name implies, right? The counterpart is redirectXhr(),
which does still its job. redirectNow() on the other hand is for the
lazy people.
2018-07-04 14:44:03 +02:00
Johannes Meyer 8cbff87af1 Request: Parse the POST body only as JSON if it's really JSON
refs #3484
2018-07-04 11:09:11 +02:00
Johannes Meyer 842e5603a1 Request: Introduce method extractMediaType
refs #3484
2018-07-04 11:09:11 +02:00
Eric Lippmann 8990d6f46e Drop support for PHP < 5.6 2018-07-03 13:11:36 +02:00
Eric Lippmann d6c4df7a5d Use password_hash and password_verify 2018-07-03 13:08:06 +02:00
Eric Lippmann faaff42096 Revert "Introduce PasswordHelper for safer passwords"
This reverts commit f57277aa96.

Since we're dropping PHP support for versions lower than 5.6 this class is no longer necessary.
2018-07-03 13:08:06 +02:00
Eric Lippmann 966148e8f0
Merge pull request #3463 from kobmaki/feature/Allow-to-interface-with-sqlite-databases-3381
Support SQLite resources
2018-06-28 11:42:00 +02:00
Eric Lippmann 0433dc4166 Bootstrap modules at last
We initialize modules before we set up the user backend and other
singletons. But modules may access those in order to check the
permissions of the authenticated user for example. With this fix,
modules are loaded once all other bootstrap tasks have been completed.

refs #3470
2018-06-27 09:52:00 +02:00
Uwe Ebel 4b5cf47cce Introduce SQLite resource type
refs #3381

Signed-off-by: Eric Lippmann <eric.lippmann@icinga.com>
2018-06-27 09:40:22 +02:00
Eric Lippmann c633c86db7
Merge pull request #3480 from Icinga/fix/revert-persistent-db-connections
No longer support persistent database connections
2018-06-27 09:36:37 +02:00
Eric Lippmann fdd791974d Update Parsedown 2018-06-25 16:07:47 +02:00
Eric Lippmann 66132c330a Update JShrink 2018-06-25 16:05:36 +02:00
Eric Lippmann 46907735fe Update HTMLPurifier 2018-06-25 16:04:10 +02:00
Eric Lippmann e55ac3e4a2 Update dompdf deps 2018-06-25 16:01:06 +02:00
Eric Lippmann 4d42c043e4 Remove traces of persistent db connections 2018-06-22 15:36:46 +02:00
Eric Lippmann af35794006 Revert "lib/db: Allow to configure persistent connections"
This reverts commit 4763b6b20a.
2018-06-22 14:43:32 +02:00
Eric Lippmann 6f1d8668a0 Fix line exceeds 120 characters 2018-06-22 11:04:48 +02:00
Alexander A. Klimov ee60a8df99 Don't let AutoRefreshForm handle API requests
refs #2749
2018-06-22 11:03:07 +02:00