Users were able to submit changes to fields they should not have access to change by bypassing the frontend validation. Correct backend validation to prevent that.
* fix VRP not cleaning BGP peers properly
* fix missing field in BgpPeer model
* Update includes/discovery/bgp-peers/vrp.inc.php
Co-authored-by: Tony Murray <murraytony@gmail.com>
* Eloquent for 2 requests
* Eloquent for 1 request
* a few in Dell
* Model
* and more with timos
* and more with timos
* and firebrick
* firebrick
* one query instead of many
* Should use collection get
* Update timos.inc.php
* Update dell-os10.inc.php
* avoid changing timos as it breaks something
* new try with timos
* deps for BGP
* revert deps for BGP
* style
* style
* deps for BGP, 2nd try
* typo
* revert aos7
* fix create
* firebricktests
* firebrick
* firebrick
* cipsec-fix
* cipsec
* timos fix 100th time :)
* ./scripts/save-test-data.php -m os,ports,processors,mempools,vrf,sensors,bgp-peers,mpls,ospf -o timos -v 7705
* remove timos from this PR
Co-authored-by: Tony Murray <murraytony@gmail.com>
* Fix up version and git helpers
Improve method names
Move all git calls into the git helper
Allow runtime and external cache of results where appropriate
Consolidate version headers for discovery, poller, and validate
* Style fixes
* improve consistency in git calls
* fix style
* don't send name inconsistently
* Improve database versions
* No need to cache Version it is not used more than once currently.
* Disable plugins that have errors
Disable plugin if a hook throws an error and set a notification
Move notification code to class, so we can access it
Clear notification when plugin is attempted to be enabled again
* fix style and lint fixes
* another lint fix and handle if property is missing
* Fix oxidized web requests not closing connections or responding fast enough
* Update showconfig.inc.php
* Add method to get the text content of an oxidized page
* Use Oxidized getContent method instead of file_get_content
* Too much brackets with copy paste
* Fix carriage return errors because of copy paste
* Fix copy paste error again
* Fix indent
* PHPStan is waiting for a return even outside of the if loop
* Single quotes
* Variabilize timeout in baseapi
* Set Oxidized Api class timeout var to 90 because oxidized is slow and to be sure not to break half the installs here
* fix typo
* Variabilize timeout
* Variabilize timeout
* Variabilize timeout
* Variabilize timeout
* Variabilize timeout
* Spacing
* Remove timeout type because of this error
Unexpected 'int' (T_STRING), expecting function (T_FUNCTION) or const (T_CONST) in app/ApiClients/BaseApi.php on line 34
* Lint needs type finally
* Use contruct instead of setting variable
* Type hinting instead for php7.3
* Type hinting fix
* Set property value instead of calling parent constructor
* Typo
* Remove unneededconstructors
* Remove unneeded constructors
* Remove unneeded constructors
* Remove unneeded constructors
* Remove unneeded constructors
* Remove unneeded constructors
* Typing not casting
* Typing not casting
* Cannot type variables outside of a class
Co-authored-by: PipoCanaja <38363551+PipoCanaja@users.noreply.github.com>
* Defer loading option values
Otherwise it causes a cli command to be run every single application boot.
* style and lint
* Just return whatever we have it isn't callable
* Cleanup and optimize the availability widget
Default sort is display name
Sort applies to services too (services always last)
May need to refresh the page to get new css
* style
* We don't need request (lint fix)
* Wrong service field name
* Fix IPv6 in service check host (#13939)
* Add hostName cleaning to Clean
* Apply RFC 5952 formatting to Clean::hostName output
* Use more liberal cleaning for hostnames
* Remove unwanted whitespace
* Apply Clean::hostName() to all relevant fields
* Fix docstring
* Use IP::isValid inline
* Update Clean.php
* Update services.inc.php
Co-authored-by: Tony Murray <murraytony@gmail.com>
* Add sorting support for additional columns + dual column
Additional columns are Display Name (display) and System Name (sysName)
Dual column means that first is sorted after status, then within
each status group another sort is done (every columns from single column
sorting is possible).
* Change code for styleCI
* Expand availability map sorting menu
Also change sysName to System Name – there is no real reason for
that short form.
* Add german translation for avail. map sorting/display options
* Adjust sorting behaviour in Availability Map
The dropdown now presents two options:
- Display Text: Sort by the selected value of the dropdown 'Display Text'
- Status: Sort by status, then by selected value of dropdown 'Display Text'
As the field 'display' (The display name) may contain template functions
etc., sorting is not done by SQL means; instead custom sorting is done
within the controller.
* Apply fix for styleCI
* Apply fix for styleCI, part 2
* Update availability-map.blade.php
* Update availability-map.blade.php
* Update availability-map.blade.php
* Update de.json
* Update AvailabilityMapController.php
* Update AvailabilityMapController.php
* Update availability-map.blade.php
* Update de.json
Co-authored-by: Sander Steffann <sander@steffann.nl>
Co-authored-by: Tony Murray <murraytony@gmail.com>
* use component to discover if xDSL polling is needed
use component to discover if xDSL polling is needed
* Components OK, Polling in correct files, no DB for VDSL
* GUI
GUI_suite
* per port as well
* rename
* interface listing
* draytek_snmpsim
* fix arraymerge
fix names and max value
* schema
schema
style
* remove one dbFetchRows
remove 2x dbFetchCell
style
style
remove Legacy dbFetchRow
tests
tests
eloquent
more eloquent
more eloquent
one more gone
* fix properties access
eloquent_insert_update
style
tests
tests
tests
tests
* tests
tests
tests
* adslLineCoding
* Models
* fix not nullable cols in DB from code
default values
typo
rename
typo
schema
fix
fix
vdsl fix now
typo
typo
fix size
fix size
* Power values for VDSL
Power values for VDSL
Power values for VDSL
DB
* cleanup
* Rrd::checkRrdExists
* always enable DSL discovery
style
* xdsl module
* cleanup and move to Module
cleanup and move to Module
cleanup and move to Module
cleanup and move to Module
* Fix display
* fix polling and tenth
* remove legacy poller
* Style and Cosmetics
Cosmetics
Cleanup
* Translations
Translations
* exists
exists
* add test support for xdsl
* remove last component call
unused
* translations
* remove non standard onclick event on xdsl line
* Update Discovery Support.md
Update Poller Support.md
toner_gone
* Notification for removal of lnms config:set enable_ports_adsl true
* enable on devices with potential DSL interfaces
* tests are working now
fix teldat tests
* os_schema
* teldat
* move to new module structure
* move to new module structure
* wrong dump function
* wrong dump function
* laravel_through_key hidden
* Update notifications.rss
* Update notifications.rss
Co-authored-by: Tony Murray <murraytony@gmail.com>
* Return GraphImage to include more metadata
Allows things like including title.
Implements __toString for backwards compatability
getImageData to allow controlling the output through flags
* Style and Lint
* Email embed graphs
* Allow attachment for non-html
Add setting to webui
Correct $auth setting
* Cleanups, throw RrdGraphException instead of returning an error image.
Generate the error image later, giving more control.
Reduce code duplication a little
* Style and lint fixes
Change to flags
* Add baseline for lint errors I don't know how to resolve
* oopsie, changed the code after generating the baseline
* Tiny cleanups. Make set DeviceCache primary, it is free.
* Docs.
* email_html note
* Allow control of graph embed at the email transport level to override the global config.
* Allow control of graph embed at the email transport level to override the global config.
* Add INLINE_BASE64 to make it easier to create inline image tags
* Discord ability to attach graph images
Must use @signedGraphTag()
Needs more work on the graph side of things still: issues with CORs and other.
* Fixes
* alert data is an array for transports
* No need to decode, that was a bug before
* More secure external graph access
Add @signedGraphTag() and @signedGraphUrl() blade directives
Takes either an array of graph variables or a url to a graph
Uses a signed url that is accessible without user login, embeds signature in url to authenticate access
See Laravel Signed Url for more details.
Adds Laravel route to graphs (does not change links to use it yet)
@graphImage requires the other PR
Also APP_URL is required in .env
* missing files from rebase
* Fix url parsing with a get string
* allow width and height to be omitted
* Documentation
* Add to, otherwise it will always be now
* Doc note for to and from relative security
* fix vars.inc.php (Laravel has a dummy url here)
* Fix removing all port groups
* Make backend work in the situation where this endpoint is used for more than just this setting change
change event is called multiple times when select2 is cleared (once for each item)
prevent duplicate backend calls
Remove no default Port Group item
* Error reporting
* Move code to ErrorReportingProvider
Enable reporting of error (and warning) messages.
report module exceptions
* Restore flare key
Not needed to set late anymore. We set up filtering before it is initialized.
* Remove unnecessary and maybe double Flare report
* lint
* Cannot use typed properties yet, use phpdoc
* fix handleError return type
* Filter both exceptions and reports (so we don't miss any)
Consolidate the check if reporting should be enabled
* Cache reportingEnabled check for the runtime
* Split out middleware to improve readability
Logging of why reporting is disabled
Fix reportingEnabled cache
* Style
* Return some user data
* Change to class based middleware, it looks nicer
* Fix error page error id report, add url.
* also rewrite intended url
* remove link
* Move ignition to production and update flare-client
Co-authored-by: Tony Murray <murraytony@gmail.com>
* Correct logic for recurring alert rules that span UTC days. Evaluate the day of week in local time.
* Enable previously broken test cases
* Update TestScheduledMaintenance.php
Co-authored-by: Tony Murray <murraytony@gmail.com>
* Add group case
Add group case for portgroup URL query
* Add PortGroups to MenuComposer
* Add PortGroups to Menu blade
Adds to menu blade, using a similar behavior as Locations.
* Make PortCount into link
Make port count into like similar to DeviceGroups device count.
* Update MenuComposer.php
Make StyleCI happy
* Update MenuComposer.php
Make StyleCI happy
* Update ports.inc.php
Make StyleCI happy
* Update menu.blade.php
Menu fix.
* Update Menu so Manage Groups always displays.
* Adding Group function
* Add group to filterFields
* Trying suggested change
* Subquery
Co-authored-by: Tony Murray <murraytony@gmail.com>
* Add devicegroup filterFields
* add Devicegroup to post function
* StyleCI
* Add GUI Element
* Less wordy
Dropped "View" from the link. Made it too wordy for such a small GUI insertion.
* Moved DeviceGroup Ports link to a separate column
I realized how it could be confusing to have links to two different items in the same column, so I separated the Ports out.
* New Poller validations
Seperated poller and distributed poller validations to make poller validations generally available
One auto fixer added
Translatable strings
* lint and style fixes
* and style
* and style
* Update LibreNMS/Validations/Poller/CheckLocking.php
Co-authored-by: Jellyfrog <Jellyfrog@users.noreply.github.com>
* Update CheckPythonWrapper.php
* Try to check if cron is even installed before warning about not being able to read the cron files.
Likely most systems they won't be readable, but also, it is very unlikely we hit the cron check and it is meaningfully different than the first Poller::exists() check.
* Work on poller validation
Remove errors/warnings when at least one poller of the other type is active.
* style fixes
Co-authored-by: Jellyfrog <Jellyfrog@users.noreply.github.com>
