includes/html/forms/notifications.inc.php

<?php
/* Copyright (C) 2015 Daniel Preussker, QuxLabs UG <preussker@quxlabs.com>
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>. */

/**
 * Notification Page
 * @author Daniel Preussker
 * @copyright 2015 Daniel Preussker, QuxLabs UG
 * @license GPL
 * @package LibreNMS
 * @subpackage Notifications
 */

use LibreNMS\Authentication\LegacyAuth;

header('Content-type: application/json');

if (!isset($_REQUEST['action'])) {
    die(json_encode([
        'status' => 'error',
        'message' => 'ERROR: Missing Params',
    ]));
}

if (in_array($_REQUEST['action'], ['stick', 'unstick', 'create']) && !LegacyAuth::user()->hasGlobalAdmin()) {
    die(json_encode([
        'status' => 'error',
        'message' => 'ERROR: Need to be GlobalAdmin or DemoUser',
    ]));
}


if ($_REQUEST['action'] == 'read' && isset($_REQUEST['notification_id'])) {
    if (dbInsert(['notifications_id'=>$_REQUEST['notification_id'],'user_id'=>LegacyAuth::id(),'key'=>'read','value'=>1], 'notifications_attribs')) {
        die(json_encode([
            'status' => 'ok',
            'message' => 'Set as Read',
        ]));
    }
} elseif ($_REQUEST['action'] == 'read-all-notif') {
    $unread = dbFetchColumn("SELECT `notifications_id` FROM `notifications` AS N WHERE NOT EXISTS ( SELECT 1 FROM `notifications_attribs` WHERE `notifications_id` = N.`notifications_id` AND `user_id`=? AND `key`='read' AND `value`=1)", [LegacyAuth::id()]);
    foreach ($unread as $notification_id) {
        dbInsert(
            [
                'notifications_id' => $notification_id,
                'user_id' => LegacyAuth::id(),
                'key' => 'read',
                'value' => 1
            ],
            'notifications_attribs'
        );
    }
    die(json_encode([
        'status' => 'ok',
        'message' => 'All notifications set as read',
    ]));
} elseif ($_REQUEST['action'] == 'stick' && isset($_REQUEST['notification_id'])) {
    if (dbInsert(['notifications_id'=>$_REQUEST['notification_id'],'user_id'=>LegacyAuth::id(),'key'=>'sticky','value'=>1], 'notifications_attribs')) {
        die(json_encode([
            'status' => 'ok',
            'message' => 'Set as Sticky',
        ]));
    }
} elseif ($_REQUEST['action'] == 'unstick' && isset($_REQUEST['notification_id'])) {
    if (dbDelete('notifications_attribs', "notifications_id = ? && user_id = ? AND `key`='sticky'", [$_REQUEST['notification_id'],LegacyAuth::id()])) {
        die(json_encode([
            'status' => 'ok',
            'message' => 'Removed Sticky',
        ]));
    }
} elseif ($_REQUEST['action'] == 'create' && (!empty($_REQUEST['title']) && !empty($_REQUEST['body']))) {
    if (dbInsert(['title'=>$_REQUEST['title'],'body'=>$_REQUEST['body'],'checksum'=>hash('sha512', LegacyAuth::id().'.LOCAL.'.$_REQUEST['title']),'source'=>LegacyAuth::id()], 'notifications')) {
        die(json_encode([
            'status' => 'ok',
            'message' => 'Created',
        ]));
    }
} else {
    die(json_encode([
        'status' => 'error',
        'message' => 'ERROR: Missing Params',
    ]));
}

die(json_encode(array(
    'status'       => 'error',
    'message'      => 'unknown error',
)));
Added notifications poller,page,schema,display 2015-09-27 15:35:33 +00:00			`<?php`
			`/* Copyright (C) 2015 Daniel Preussker, QuxLabs UG <preussker@quxlabs.com>`
			`* This program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU General Public License as published by`
			`* the Free Software Foundation, either version 3 of the License, or`
			`* (at your option) any later version.`
bug: Fix mark all unread notifications (#7999) Did not work when other users had marked them as read. 2018-01-05 15:22:48 -06:00			`*`
Added notifications poller,page,schema,display 2015-09-27 15:35:33 +00:00			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.See the`
			`* GNU General Public License for more details.`
bug: Fix mark all unread notifications (#7999) Did not work when other users had marked them as read. 2018-01-05 15:22:48 -06:00			`*`
Added notifications poller,page,schema,display 2015-09-27 15:35:33 +00:00			`* You should have received a copy of the GNU General Public License`
			`* along with this program. If not, see <http://www.gnu.org/licenses/>. */`

			`/**`
			`* Notification Page`
			`* @author Daniel Preussker`
			`* @copyright 2015 Daniel Preussker, QuxLabs UG`
			`* @license GPL`
			`* @package LibreNMS`
			`* @subpackage Notifications`
			`*/`
refactor: Don't access $_SESSION directly for Auth (#8513) * Don't access $_SESSION directly for Auth * fix style * add property annotations 2018-04-07 15:55:28 -05:00
Use Laravel authentication (#8702) * Use Laravel for authentication Support legacy auth methods Always create DB entry for users (segregate by auth method) Port api auth to Laravel restrict poller errors to devices the user has access to Run checks on every page load. But set a 5 minute (configurable) timer. Only run some checks if the user is an admin Move toastr down a few pixels so it isn't as annoying. Fix menu not loaded on laravel pages when twofactor is enabled for the system, but disabled for the user. Add two missing menu entries in the laravel menu Rewrite 2FA code Simplify some and verify code before applying Get http-auth working Handle legacy $_SESSION differently. Allows Auth::once(), etc to work. * Fix tests and mysqli extension check * remove duplicate Toastr messages * Fix new items * Rename 266.sql to 267.sql 2018-09-11 07:51:35 -05:00			`use LibreNMS\Authentication\LegacyAuth;`
refactor: Don't access $_SESSION directly for Auth (#8513) * Don't access $_SESSION directly for Auth * fix style * add property annotations 2018-04-07 15:55:28 -05:00
Ajax headers for various 2016-04-26 15:13:01 -07:00			`header('Content-type: application/json');`
Added notifications poller,page,schema,display 2015-09-27 15:35:33 +00:00
Fix notification creation (#10058) * Fix notification creation also refactor so it is a bit more logical * Don't allow empty title and body * Updated to use error message in toastr 2019-04-03 20:52:08 -05:00			`if (!isset($_REQUEST['action'])) {`
			`die(json_encode([`
			`'status' => 'error',`
			`'message' => 'ERROR: Missing Params',`
			`]));`
			`}`

			`if (in_array($_REQUEST['action'], ['stick', 'unstick', 'create']) && !LegacyAuth::user()->hasGlobalAdmin()) {`
			`die(json_encode([`
			`'status' => 'error',`
			`'message' => 'ERROR: Need to be GlobalAdmin or DemoUser',`
			`]));`
			`}`


			`if ($_REQUEST['action'] == 'read' && isset($_REQUEST['notification_id'])) {`
			`if (dbInsert(['notifications_id'=>$_REQUEST['notification_id'],'user_id'=>LegacyAuth::id(),'key'=>'read','value'=>1], 'notifications_attribs')) {`
			`die(json_encode([`
			`'status' => 'ok',`
			`'message' => 'Set as Read',`
			`]));`
Added notifications poller,page,schema,display 2015-09-27 15:35:33 +00:00			`}`
Fix notification creation (#10058) * Fix notification creation also refactor so it is a bit more logical * Don't allow empty title and body * Updated to use error message in toastr 2019-04-03 20:52:08 -05:00			`} elseif ($_REQUEST['action'] == 'read-all-notif') {`
			$unread = dbFetchColumn("SELECT `notifications_id` FROM `notifications` AS N WHERE NOT EXISTS ( SELECT 1 FROM `notifications_attribs` WHERE `notifications_id` = N.`notifications_id` AND `user_id`=? AND `key`='read' AND `value`=1)", [LegacyAuth::id()]);
bug: Fix mark all unread notifications (#7999) Did not work when other users had marked them as read. 2018-01-05 15:22:48 -06:00			`foreach ($unread as $notification_id) {`
			`dbInsert(`
Fix notification creation (#10058) * Fix notification creation also refactor so it is a bit more logical * Don't allow empty title and body * Updated to use error message in toastr 2019-04-03 20:52:08 -05:00			`[`
bug: Fix mark all unread notifications (#7999) Did not work when other users had marked them as read. 2018-01-05 15:22:48 -06:00			`'notifications_id' => $notification_id,`
Use Laravel authentication (#8702) * Use Laravel for authentication Support legacy auth methods Always create DB entry for users (segregate by auth method) Port api auth to Laravel restrict poller errors to devices the user has access to Run checks on every page load. But set a 5 minute (configurable) timer. Only run some checks if the user is an admin Move toastr down a few pixels so it isn't as annoying. Fix menu not loaded on laravel pages when twofactor is enabled for the system, but disabled for the user. Add two missing menu entries in the laravel menu Rewrite 2FA code Simplify some and verify code before applying Get http-auth working Handle legacy $_SESSION differently. Allows Auth::once(), etc to work. * Fix tests and mysqli extension check * remove duplicate Toastr messages * Fix new items * Rename 266.sql to 267.sql 2018-09-11 07:51:35 -05:00			`'user_id' => LegacyAuth::id(),`
bug: Fix mark all unread notifications (#7999) Did not work when other users had marked them as read. 2018-01-05 15:22:48 -06:00			`'key' => 'read',`
			`'value' => 1`
Fix notification creation (#10058) * Fix notification creation also refactor so it is a bit more logical * Don't allow empty title and body * Updated to use error message in toastr 2019-04-03 20:52:08 -05:00			`],`
bug: Fix mark all unread notifications (#7999) Did not work when other users had marked them as read. 2018-01-05 15:22:48 -06:00			`'notifications_attribs'`
			`);`
webui: Add ability to mark all notifications as read (#7489) * feature: Add ability to mark all notifications as read fixes: https://community.librenms.org/t/ability-to-mark-all-notifications-as-re ad/2368/1 * Do not add multiple read notifications_attribs * not archive, yes non-admin * Oops, hardcoded user_id 2017-11-29 04:22:53 +01:00			`}`
Fix notification creation (#10058) * Fix notification creation also refactor so it is a bit more logical * Don't allow empty title and body * Updated to use error message in toastr 2019-04-03 20:52:08 -05:00			`die(json_encode([`
			`'status' => 'ok',`
			`'message' => 'All notifications set as read',`
			`]));`
			`} elseif ($_REQUEST['action'] == 'stick' && isset($_REQUEST['notification_id'])) {`
			`if (dbInsert(['notifications_id'=>$_REQUEST['notification_id'],'user_id'=>LegacyAuth::id(),'key'=>'sticky','value'=>1], 'notifications_attribs')) {`
			`die(json_encode([`
			`'status' => 'ok',`
			`'message' => 'Set as Sticky',`
			`]));`
			`}`
			`} elseif ($_REQUEST['action'] == 'unstick' && isset($_REQUEST['notification_id'])) {`
			if (dbDelete('notifications_attribs', "notifications_id = ? && user_id = ? AND `key`='sticky'", [$_REQUEST['notification_id'],LegacyAuth::id()])) {
			`die(json_encode([`
			`'status' => 'ok',`
			`'message' => 'Removed Sticky',`
			`]));`
			`}`
			`} elseif ($_REQUEST['action'] == 'create' && (!empty($_REQUEST['title']) && !empty($_REQUEST['body']))) {`
			`if (dbInsert(['title'=>$_REQUEST['title'],'body'=>$_REQUEST['body'],'checksum'=>hash('sha512', LegacyAuth::id().'.LOCAL.'.$_REQUEST['title']),'source'=>LegacyAuth::id()], 'notifications')) {`
			`die(json_encode([`
			`'status' => 'ok',`
			`'message' => 'Created',`
			`]));`
			`}`
PSR2 Cleanup: /html edition Travis tests for code conformance. Ignore warnings for now. Fixed all errors, left most warnings. 2016-08-18 20:28:22 -05:00			`} else {`
Fix notification creation (#10058) * Fix notification creation also refactor so it is a bit more logical * Don't allow empty title and body * Updated to use error message in toastr 2019-04-03 20:52:08 -05:00			`die(json_encode([`
			`'status' => 'error',`
			`'message' => 'ERROR: Missing Params',`
			`]));`
Added notifications poller,page,schema,display 2015-09-27 15:35:33 +00:00			`}`

			`die(json_encode(array(`
Fix notification creation (#10058) * Fix notification creation also refactor so it is a bit more logical * Don't allow empty title and body * Updated to use error message in toastr 2019-04-03 20:52:08 -05:00			`'status' => 'error',`
			`'message' => 'unknown error',`
Added notifications poller,page,schema,display 2015-09-27 15:35:33 +00:00			`)));`