tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,747 Commits 120 Branches 71 Tags 80 MiB
Commit Graph

3645 Commits

Author SHA1 Message Date
Eric Lippmann d919e23d0b
Merge pull request #3585 from Icinga/feature/enhanced-ldap-logging 
Feature/enhanced ldap logging
 2018-11-15 11:28:47 +01:00
Eric Lippmann 0c06ec7431
Merge pull request #3558 from Icinga/fix/permission-test-in-hook-has 
Fix permission test in Hook::has()
 2018-11-15 11:26:07 +01:00
Eric Lippmann 1268c16a7f
Merge pull request #3588 from Icinga/fix/problems-the-world-has-and-ever-will 
Fix problems the world has and ever will
 2018-11-15 11:25:48 +01:00
Thomas Gelf b4afdf4115 DbConnection: do not fail for MySQL 8 
fixes #3611
 2018-11-08 11:11:37 +01:00
Markus Frosch 39f5b5e2cd LdapConnection: Ensure port and timeout are numbers 2018-10-16 14:44:01 +02:00
Markus Frosch 3f782460dc LdapConnection: Add timeout setting with a useful default value 2018-10-16 14:35:50 +02:00
Johannes Meyer 86ae8c12df IniParser: Use mode INI_SCANNER_RAW to parse ini files 2018-10-10 09:44:11 +02:00
Johannes Meyer 4e6b936862 helpers/url: Properly escape image urls 2018-10-10 09:44:11 +02:00
Johannes Meyer 77bb1944db Web: Setup the logger earlier in the bootstrap process 
Previously only ERROR got logged (to syslog only) up until
setupLogger() was called. This prevented any other message
level from being logged. It's now required to be able to
log in the Auth singleton. It also fixes the problem that
during setupSession() some warnings were never visible
due to the same reason.
 2018-10-08 14:03:34 +02:00
Johannes Meyer 2f9037e545 Auth: Log which groups were identified for the user being authenticated 2018-10-08 14:02:26 +02:00
Johannes Meyer d8e3f23342 LdapCapabilities: Log which attributes were discovered 2018-10-08 10:34:27 +02:00
Johannes Meyer 3c69a63ce3 LdapUserGroupBackend: Log what the ambiguity check does 2018-10-08 10:34:27 +02:00
Eric Lippmann 7e4b92b714 Fix permission test in Hook::has() 
Before, only the first hook for the given type was tested. If this hook
belonged to a not permitted module, Hook::has() returned false. Though
there may have been other hooks which are permitted.
 2018-08-16 17:03:42 +02:00
Eric Lippmann b3e0b5d587 Raise version to 2.6.1 2018-08-02 12:46:39 +02:00
Eric Lippmann 0f075b034b Respect permissions in Hook::has() 2018-07-26 11:51:23 +02:00
Johannes Meyer c0f99539ff Raise version to v2.6.0 2018-07-19 09:27:11 +02:00
Eric Lippmann dd9e8c8ba9 Revert "Merge pull request #3487 from Icinga/fix/web-bootstrap" 
This reverts commit b12b905076, reversing
changes made to c633c86db7.

refs #3500
 2018-07-18 15:29:55 +02:00
Eric Lippmann 121bd545d1
Merge pull request #3530 from Icinga/feature/enforce-a-named-identity-for-audit-logs 
AuditHook: Enforce a named identity and allow to pass a explicit time
 2018-07-18 15:27:45 +02:00
Johannes Meyer f28f7150fc AuditHook: Enforce a named identity and allow to pass a explicit time 2018-07-18 14:45:00 +02:00
Eric Lippmann 7d47875241 Introduce PdfexportHook 2018-07-18 14:22:18 +02:00
Johannes Meyer 84622bf27b Fix some XSS vulnerabilities 
Only a real issue with <= IE9 as other browsers properly escape
urls prior transmission.

Signed-off-by: Eric Lippmann <eric.lippmann@icinga.com>
 2018-07-16 09:53:30 +02:00
Eric Lippmann 6cddd6beed
Merge pull request #3508 from Icinga/fix/filter-entries-are-deleted-when-pushing-enter-3454 
FilterEditor: Add a hidden submit button to the start of the form's m…
 2018-07-10 09:28:35 +02:00
Eric Lippmann b88c6b0a6e
Merge pull request #3516 from Icinga/feature/application-state-hook 
Application state hook
 2018-07-10 09:14:26 +02:00
Eric Lippmann 47405127d0 Add config to hide/show pplication state messages 
refs #2835
 2018-07-09 16:28:28 +02:00
Eric Lippmann d18d05ccee Introduce ApplicationStateHook 
refs #2835
 2018-07-09 16:28:25 +02:00
Eric Lippmann 303637df3c
Merge pull request #3452 from Icinga/feature/drop-php-lt-56-support 
Drop support for PHP < 5.6
 2018-07-09 09:18:18 +02:00
Johannes Meyer 6e6251604b FilterEditor: Add a hidden submit button to the start of the form's markup 
When pushing enter our JS mimics what a browser would do. And that is
pushing the first submit button found in the form. Without this, that's
a delete button of the first logical junction. (the root condition)

fixes #3454
 2018-07-06 10:41:49 +02:00
Eric Lippmann 189b519135
Merge pull request #3486 from Icinga/fix/request-parses-json-without-respecting-content-type-3484 
Fix that Request parses json without respecting content type
 2018-07-05 13:19:27 +02:00
Johannes Meyer 1f677e64f6 ActionController: Force HTTP redirects in method redirectHttp() 
That's what its name implies, right? The counterpart is redirectXhr(),
which does still its job. redirectNow() on the other hand is for the
lazy people.
 2018-07-04 14:44:03 +02:00
Johannes Meyer 8cbff87af1 Request: Parse the POST body only as JSON if it's really JSON 
refs #3484
 2018-07-04 11:09:11 +02:00
Johannes Meyer 842e5603a1 Request: Introduce method extractMediaType 
refs #3484
 2018-07-04 11:09:11 +02:00
Eric Lippmann 8990d6f46e Drop support for PHP < 5.6 2018-07-03 13:11:36 +02:00
Eric Lippmann d6c4df7a5d Use password_hash and password_verify 2018-07-03 13:08:06 +02:00
Eric Lippmann faaff42096 Revert "Introduce PasswordHelper for safer passwords" 
This reverts commit f57277aa96.

Since we're dropping PHP support for versions lower than 5.6 this class is no longer necessary.
 2018-07-03 13:08:06 +02:00
Eric Lippmann 966148e8f0
Merge pull request #3463 from kobmaki/feature/Allow-to-interface-with-sqlite-databases-3381 
Support SQLite resources
 2018-06-28 11:42:00 +02:00
Eric Lippmann 0433dc4166 Bootstrap modules at last 
We initialize modules before we set up the user backend and other
singletons. But modules may access those in order to check the
permissions of the authenticated user for example. With this fix,
modules are loaded once all other bootstrap tasks have been completed.

refs #3470
 2018-06-27 09:52:00 +02:00
Uwe Ebel 4b5cf47cce Introduce SQLite resource type 
refs #3381

Signed-off-by: Eric Lippmann <eric.lippmann@icinga.com>
 2018-06-27 09:40:22 +02:00
Eric Lippmann c633c86db7
Merge pull request #3480 from Icinga/fix/revert-persistent-db-connections 
No longer support persistent database connections
 2018-06-27 09:36:37 +02:00
Eric Lippmann 4d42c043e4 Remove traces of persistent db connections 2018-06-22 15:36:46 +02:00
Eric Lippmann af35794006 Revert "lib/db: Allow to configure persistent connections" 
This reverts commit 4763b6b20a.
 2018-06-22 14:43:32 +02:00
Eric Lippmann 6f1d8668a0 Fix line exceeds 120 characters 2018-06-22 11:04:48 +02:00
Alexander A. Klimov ee60a8df99 Don't let AutoRefreshForm handle API requests 
refs #2749
 2018-06-22 11:03:07 +02:00
Alexander A. Klimov 235e75d054 Form: handle API requests as expected 
refs #2749
 2018-06-22 11:03:07 +02:00
Alexander A. Klimov 880a0a254f DateTimePicker: support *nix timestamps 
refs #2749
 2018-06-22 11:03:07 +02:00
Alexander A. Klimov a444b8adf5 Request: support JSON as POST data format 
refs #2749
 2018-06-22 11:03:07 +02:00
Alexander A. Klimov 73473a3bb9 Fix tests 
refs #2635
 2018-06-22 09:57:10 +02:00
Alexander A. Klimov 906c1668a4 Split Json::encode() into Json::encode() and Json::sanitize() 
refs #2635
 2018-06-21 16:01:53 +02:00
Alexander A. Klimov 02b60633ff Auto-sanitize only in the monitoring module 
refs #2635
 2018-06-20 18:05:12 +02:00
Alexander A. Klimov 1a94a21263 Prefer Json::encode() over json_encode() 
refs #2635
 2018-06-20 18:05:11 +02:00
Alexander A. Klimov 9219cea776 Json::encode(): auto-sanitize bad UTF-8 strings 
refs #2635
 2018-06-20 18:05:11 +02:00