Commit Graph

3825 Commits

Author SHA1 Message Date
Johannes Meyer 77244b2c1b Raise version to v2.8.2 2020-08-19 11:03:31 +02:00
Johannes Meyer c3d329bd48 Raise version to 2.8.1 2020-06-29 10:30:58 +02:00
Johannes Meyer b288d86e91 DbQuery: Return non-string args as is in `valueToTimestamp()`
fixes #4182
2020-06-24 14:09:13 +02:00
Johannes Meyer 4d173e6746 DbUserBackend: Lowercase usernames before fetching password hashes
The BINARY cast to make trailing spaces significant (#4030) also
made these queries case-sensitive. This wasn't identified at the
time because the query itself wasn't case-insensitive, but the
default collation on the `name` column. (Tests sometimes are the
perfect mitigation for this...)

fixes #4184
2020-06-24 14:08:30 +02:00
Johannes Meyer e95fac3ff1 Raise version to 2.8.0 2020-06-08 10:51:35 +02:00
Johannes Meyer 62dd0b3f1e ActionController: Fix that view variable `compact` is undefined
refs #4164
2020-06-08 09:26:36 +02:00
Johannes Meyer a240e306ed Preserve/Remove param `showCompact` instead of `view` 2020-06-04 08:50:41 +02:00
Johannes Meyer 6cf9f19048 ActionController: Shift parameter `view` if its value is `compact` 2020-06-04 08:50:41 +02:00
Johannes Meyer 60c3fd6406 FilterEditor: Use a new url from request when redirecting searches
Creating a new url has the benefit that all framework params are
still there. `$this->url()` however returns a url that's already
mangled and parameter preservation does not work for framework
params.

This is not quite the correct fix. But the entire parameter
handling here is way too convoluted.
2020-06-04 08:50:41 +02:00
Johannes Meyer 46c6201a21 Url: Add method `onlyWith()` 2020-06-04 08:50:41 +02:00
Eric Lippmann 49eb245580 CLI: Also register assets
Because assets are not registered in the CLI context,
CLI actions cannot access the full style sheet.
This is necessary for Icinga Reporting though in order to send PDF reports.
2020-06-04 07:31:02 +02:00
Eric Lippmann fce2858beb LDAP: Add option to disable server side sorting
We automatically detect whether the server supports server side sorting
and sort manually if that is not the case. But there are LDAP servers
which report that they support this feature in general but have it
disabled for certain fields.

If we send the server side control for any field that has server side
sort disabled, the LDAP server will abort the query.

With the new configuration option it is possible to disable server side
sorting and it has precedence over our automatic detection.
Since this is a very special LDAP server configuration, there is no GUI
option for this.
2020-05-25 11:08:13 +02:00
Johannes Meyer c2f380cf9b Dashlet: Use `showCompact` instead of `view=compact`
Allows dashlets to use their own value for parameter `view`
2020-05-19 16:46:58 +02:00
Johannes Meyer c40d134ea5 ApplicationBootstrap: Use L10n locales in `getLocaleDir()` if available 2020-05-11 17:05:23 +02:00
Johannes Meyer 8b8094e9cc dashboards: Increase size of dashlets in no-js envs 2020-04-15 09:42:36 +02:00
Johannes Meyer 5ed41868d9 css: Fix no-script apply styles in non-inline forms 2020-04-15 09:42:36 +02:00
Alexander A. Klimov 568619b92e Form: allow checkboxes to be required 2020-04-09 14:03:21 +02:00
Feu Mourek c2568548cf Add appropriate aria labels to donut graphs 2020-04-09 08:36:29 +02:00
Johannes Meyer d72bdc2c32 Raise version to 2.8.0-rc1 2020-03-13 10:40:35 +01:00
Eric Lippmann e11feb81f5 Don't fail with an exception if module.info is flawed 2020-03-12 14:26:15 +01:00
Eric Lippmann 3361cac59a CLI: Setup fake auth
Since version 2.7.x CLI actions load all enabled modules automatically.
This includes launching configuration.php and run.php. Though code
in those files should be restricted to a supported set of functions,
module devs may write any code here. If a module requires authentication
in those files, CLI actions fail because there is no auth possible.
With this patch, we setup a fake user named "cli" w/o any permission when
running CLI actions.
2020-03-02 14:16:28 +01:00
Eric Lippmann 990a5e4d61 Introduce Auth::setUser() 2020-03-02 14:15:53 +01:00
Johannes Meyer 3a66b0a950 FilterExpression: Pass used delimiter to `preg_quote`
fixes #4090
2020-03-02 08:39:46 +01:00
Johannes Meyer eb674509b4 BaseTestCase: Read db host and port from env vars if available 2020-01-21 14:13:15 +01:00
Johannes Meyer 05135e716e
Merge pull request #4049 from Icinga/fix/pdfexport-hooks-may-cause-bad-loading-times
Fix pdfexport hooks may cause bad loading times
2020-01-16 09:02:31 +01:00
Johannes Meyer 69d15824fb
Merge pull request #4048 from Icinga/fix/server-side-window-handling
Fix server side window handling
2020-01-16 08:57:11 +01:00
Eric Lippmann 73a4d8ac31 WebBaseHook: Make setView() fluent 2020-01-14 16:06:22 +01:00
Eric Lippmann dd500578c9 Url: Fix @return hints
Before, sublcasses of Url suffered from @return Url hints. This is
@return static now.
2020-01-14 14:26:14 +01:00
Johannes Meyer 8da37e5ca2
Merge pull request #4044 from Icinga/fix/pdf-export-error-handling
Fix pdf export error handling
2020-01-14 11:13:01 +01:00
Johannes Meyer 6a8f17faf2 OutputFormat: Just provide the pdf export if there's a hook available
Calling `isSupported()` is bad here since there may be IO involved.
2020-01-14 11:01:53 +01:00
Johannes Meyer 29aaa363b4 Pdf: Utilize an pdfexport hook without calling `isSupported()`
If it's not supported, users should disable the module. If there
are multiple hooks supported at some point we need to touch this
again anyways. So that should suffice for now.
2020-01-14 10:59:01 +01:00
Johannes Meyer 9fe43dda5f ActionController: Drop method `handlerBrowserWindows()` 2020-01-14 10:14:02 +01:00
Johannes Meyer 855bb8ae72 Properly handle window id's and container id's 2020-01-14 10:14:02 +01:00
Johannes Meyer 2d3fc218db Window: Differentiate between window and container id 2020-01-14 10:14:02 +01:00
Johannes Meyer d459e58aca Response: Add methods to override the client's window id 2020-01-14 10:14:02 +01:00
Johannes Meyer 098bcfb98f LdapConnection: Ignore unknown vendor upon inspection 2020-01-13 13:46:32 +01:00
Johannes Meyer 7bb9c8e25f LdapConnnection: Don't pass param `$serverCtrls` to `ldap_search` prior php 7.3
refs #4013
2020-01-13 13:17:40 +01:00
Johannes Meyer 5a58279995 ActionController: Don't render exceptions as PDF 2020-01-10 14:11:52 +01:00
Johannes Meyer 5943e6bde9 Pdf: Restore previous state after rendering content
In case an exception occurs its output was previously merged
with the rendered content or even PDF..
2020-01-10 14:11:40 +01:00
Johannes Meyer f63dfa5294 DbUserBackend: Use binary string comparison if it's a mysql db 2019-12-11 10:15:05 +01:00
Johannes Meyer e6d9819adb FilterQueryString: Parse numbers as floats in range conditions 2019-12-09 09:39:50 +01:00
Johannes Meyer dc8981f209 ConfigFormEventsHook: Use base class `Icinga\Web\Form` in type hints 2019-12-09 09:01:33 +01:00
Johannes Meyer 4157821c89 IcingaCheckbox: Don't `display:none` the checkbox but add `.sr-only` to it 2019-12-05 16:12:41 +01:00
Johannes Meyer 668ae38497 ExternalBackend: Don't authenticate a user if `REMOTE_USER` is empty 2019-12-05 15:13:02 +01:00
Johannes Meyer d0857345d0 DbConnection: Set `COLLATE 'latin1_general_ci'` for `latin1` charsets
MySQL 8+ seems a bit more strict now.
2019-12-05 14:18:17 +01:00
Johannes Meyer 8519bb5d11 User: Don't return true if any permission is granted and `*` is required 2019-12-05 08:44:33 +01:00
Johannes Meyer 7b488d7f93 swag: Fix violations of PSR-12
PSR-2 has been deprecated and phpcs v3.5.3
now checks for the successor PSR-12
2019-12-04 11:28:08 +01:00
Johannes Meyer 0442c4f0ab View: Ignore setting `short_open_tag`
Adjusting class `Zend_View_Stream` according to https://www.php.net/manual/en/migration74.incompatible.php#migration74.incompatible.core.stream-wrappers
didn't work. (*syntax error, unexpected end of file* after every last php statement in phtml files)

So.. since `<?= ?>` instructions are permanently available since PHP 5.4 (https://www.php.net/manual/en/language.basic-syntax.phptags.php)
we'll just omit using a custom stream wrapper now.
2019-12-04 09:35:24 +01:00
Johannes Meyer 7bc1893a24 LdapConnection: Don't utilize `ldap_control_paged_result()` on PHP 7.3+
https://www.php.net/manual/en/migration74.deprecated.php#migration74.deprecated.ldap
2019-12-04 09:33:13 +01:00
Johannes Meyer 9b1dc44130 FilterEditor: Also trim trailing whitespace from search values
Simple values are wrapped with `*` anyway, so trimming all
whitespace doesn't pose an issue. (Even if inserted intentionally)
This doesn't apply to qualified search values. (e.g. `host = abc `)

resolves #4002
2019-12-03 10:33:00 +01:00