mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
19,201 Commits 47 Branches 151 Tags
7e5641d4fef987fd69d537ea40b686258582cd8a
Commit Graph

72 Commits

Author SHA1 Message Date
Jellyfrog
4df7968d81 Fix SQL injection in get-host-dependencies (#13868) 
Thanks to raf at TNP Consultants for reporting it
 2022-03-23 21:39:24 -05:00
PipoCanaja
4c9d4eefd8 XSS fixes (#13780) 2022-02-13 20:54:58 +00:00
PipoCanaja
41ddce6377 XSS fix, cont. again (#13778) 
* XSS in alert template creation

* XSS in alert rule name

* XSS in service name & desc

* style

* strip_tags in alert_notes

* strip_tags in create_alert_item

* strip_tags in addsrv page
 2022-02-13 20:23:07 +01:00
PipoCanaja
135717a9a0 security - XSS Fix 01 
fixing https://huntr.dev/bounties/114ba055-a2f0-4db9-aafb-95df944ba177/ (#13775)
 2022-02-13 11:00:56 +01:00
Tony Murray
b6a8b602b8 Oxidized update and Device remove (#13730) 
* Oxidized + Device remove
Was just working on oxidized, but then to properly update nodes after delete, updated delete_device()

* revert dumb style changes

* baseline update and no DI there...

* Fix OS first load and device deletion missing tables
 2022-01-29 21:09:05 -06:00
Jellyfrog
1debe5e166 Use built in method to render a string with Blade (#13688) 2022-01-26 07:10:06 -06:00
Feras Al-Kassar
35a6905092 Fix security vuls (#13554) 
* Fix XSS vulnerabilities

* fix XSS vulnerabilities in alerts.inc.php

* fix XSS vulnerability in poller-groups.inc.php

* small fix for the integration

* another fix for the inegration

* another fix for the inegration

* change the sanitizer at sources instead of json_encode sinks

* another change sanitizer at sources instead of json_encode sinks

* another change sanitizer at sources instead of common_output and current_config sinks

* fix path manipulation vulnerability
 2021-11-24 10:00:25 -06:00
Tony Murray
b0e0d65c86 Fixes for misc unset variables in polling (#13421) 
Remove $attribs global
 2021-10-25 21:35:18 +02:00
Tony Murray
0b8b97bb68 Push Notifications (Mobile and PC) (#13277) 
* Update manifest and add service worker
cleanup icons a bit

* Push notifications WIP

* navigate working

* cleanup

* acknowledge wired up

* Set VAPID keys on composer install

* Component to control notification permissions.

* Allow all user option to validate

* Enable on browser load if transport exists.

* Check for transport before showing user permissions
translations

* Documentation

* style fixes

* access via the attribute model

* fix alerting test

* update schema

* cleanup subscription on disable

* non-configurable db and table for webpush subscriptions (respect system connection)

* revert AlertTransport change
hopefully phpstan can figure it out

* phpstan fixes

* Support custom details display

* Match transport names to brand's preferred display

* less duplicate id errors

* Tests are done in Laravel code now so
remove legacy function usage... could be better, but ok

* Style fixes

* Style fixes 2

* Fix alert test

* Doc updates requires HTTPS and GMP

* unregister subscription when permission is set to denied

* cleanup after user deletion

* delete the right thing

* fix whitespace

* update install docs to include php-gmp

* suggest ext-gmp

* update javascript

* Update functions.php

Co-authored-by: Jellyfrog <Jellyfrog@users.noreply.github.com>
 2021-10-06 07:29:47 -05:00
Jellyfrog
258505ed44 Apply fixes from StyleCI (#13224) 2021-09-10 20:09:53 +02:00
Tony Murray
d74bb37971 Show port speed on port graphs, optionally set scale (#11858) 
* Show ifSpeed on Graph
Drop ifHighSpeed, we really don't want to store that value.

* safer truth check

* Allow global setting and per-graph variable

* match surrounding case

* Style fixes

* Remove old function usage

* update schema

* remove some old usages

* cleanup more ifHighSpeed references

* update test data to remove ifHighSpeed

* fix down migration

* Add button on graph page
Change default
tweak wording
 2021-08-23 06:47:44 -05:00
PipoCanaja
eab63ea220 webui - Services bootstrap enable + status (#12736) 
* Services bootstrap enable + status

* style

* copyright

* generic create-service.inc.php to allow updates of some fields only

* generic create-service.inc.php to allow updates of some fields only
 2021-04-22 19:13:39 +02:00
Jellyfrog
dedc46b548 Fix SQL injection in rediscover-device (#12716) 
Closes #12697
 2021-04-06 21:57:50 -05:00
SourceDoctor
4b9e480118 Define Port Groups (#12402) 
* Define Port Groups

* .

* .

* .

* API Calls

* .

* .

* .

* minor changes

* .

* update forms

* remove link

* .

* change column settings

* change migration

* change update position

* db migration fix

* .

* .

* .

* add missing doc reference

* update test data

* update test data

* update test data

* .

* .

* .

* .

* .

* .

* .

* .

* port group association in seperate table

* .

* .

* show all found groups on port

* select multiple Portgroups per Port

* change on migration file

* change query to eloquent

* Code changes

* move port group menu to ports main menu

* port group update to eloquent

* .

* .

* update to new setting way

* add missing merge parameter

* Use select2 and port some things to Laravel
some fixes, hopefully no new added bugs

* schema

* don't use on update restrict unfortunately

* remove unused import and revert changes

Co-authored-by: Tony Murray <murraytony@gmail.com>
 2021-04-06 17:25:08 -05:00
Tony Murray
1c379dcd05 Remove legacy function calls (#12651) 
* massive inlines

* fix style and wtf

* remove rrdtool.inc.php include

* fix CommonFunctions namespace issues

* looking for missing class space, fix undefined class issues

* style fixes
 2021-03-29 00:25:30 +02:00
theochita
c5178cf550 webui: Add button to show verbose alert details in the alert, alert-log webui (#12484) 
* Show verbose alert details in the alert, alert-log webui

update file permissions

* Make global admin permission required to use alert details ui

* StyleCI patch

Co-authored-by: root <root@usopsl-libre001.corp.blizzard.net>
 2021-03-06 21:57:06 +01:00
Tony Murray
6e19805bcb remove legacy json format function (#12583) 
* remove legacy json format function

* remove silly use
 2021-03-04 14:55:41 +01:00
Jellyfrog
20b4215204 Swich links to https (#12511) 
* Switch librenms links to https

* Convert librenms links in comments

* Switch gnu.org url to https

* switch php urls to https
 2021-02-09 00:29:04 +01:00
Anthony F. McInerney
5388a20c09 Add Service Templates (#12107) 
* service templates - move to blade - jellyfrog fixes - revert get to find and fix discovery lookup

* service templates - move to blade - wip

* service templates - move to blade - wip

* service templates - move to blade - deprecate delete_service_template

* service templates - move to blade - deprecate delete_service_template

* service templates - move to blade - deprecate remove_service_template

* service templates - move to blade - deprecate remove_service_template

* service templates - move to blade - fix permisson lookup

* service templates - move to blade - fix remove route

* service templates - move to blade - fix remove route

* service templates - move to blade - fix permisson lookup

* service templates - move to blade - fix permisson lookup

* service templates - move to blade - fix permisson lookup

* service templates - move to blade - fix permisson lookup

* service templates - move to blade - fixs

* service templates - move to blade - fixes

* service templates - move to blade - fixes

* service templates - move to blade - fixes

* service templates - move to blade - nullable input?

* service templates - move to blade - nullable input?

* service templates - move to blade - nullable input?

* service templates - move to blade - add selected for device group id and type

* service templates - move to blade - add selected for device group id and type

* service templates - move to blade - add selected for device group id and type

* service templates - move to blade - fix discovery response

* service templates - move to blade - fix device group index display

* service templates - move to blade - add delete to discover_service_template

* service templates - move to blade - add discover all button - function foobar

* service templates - move to blade - add discover all button - function foobar

* service templates - move to blade - add discover all button - function foobar

* service templates - move to blade - fixes

* service templates - move to blade - fixes

* service templates - move to blade - fixes

* service templates - move to blade - button fixes

* service templates - move to blade - button fixes

* service templates - move to blade - button fixes

* service templates - move to blade - attempt route fix

* service templates - move to blade - attempt route fix

* service templates - move to blade - attempt route fix

* service templates - move to blade - attempt route fix

* service templates - move to blade - fix discovery function

* service templates - move to blade - fix discovery function

* service templates - move to blade - fix return values - thanks SourceDoctor

* service templates - move to blade - attempt route fix

* service templates - move to blade - button variable fix

* service templates - move to blade - button variable fix

* service templates - move to blade - button variable fix

* service templates - move to blade - function fix

* service templates - move to blade - permissions fix

* service templates - move to blade - permissions fix

* service templates - move to blade - permissions fix

* service templates - move to blade - permissions fix

* service templates - move to blade - permissions fix

* service templates - move to blade - permissions fix

* service templates - move to blade - permissions fix

* service templates - move to blade - permissions fix

* service templates - move to blade - permissions fix

* service templates - add initial api - and model permissions fix

* service templates - add initial api - discovery too

* service templates - add initial api - discovery too

* service templates - merge fix

* service templates - api fixes

* service templates - api fixes

* service templates - remove bad fixe

* service templates - discover null? :)

* service templates - Policy requires Facade?

* service templates - Policy requires Facade?

* service templates - REVERT Policy requires Facade?

* service templates - REVERT Policy requires Facade?

* Revert "service templates - REVERT Policy requires Facade?"

This reverts commit 7752b3e4e5.

* service templates - clean up discover api call

* service templates - clean up discover api call

* service templates - clean up discover api call

* service templates - clean up discover api call

* service templates - clean up discover api call

* service templates - attempt route fix

* Revert "service templates - attempt route fix"

This reverts commit b48970351e.

* service templates - jellyfrog fixes - DeviceGroup relates to Service Template

* service templates - jellyfrog fixes - DeviceGroup relates to Service Template

* service templates - jellyfrog fixes - DeviceGroup relates to Service Template

* service templates - jellyfrog fixes - DeviceGroup relates to Service Template

* service templates - jellyfrog fixes - DeviceGroup relates to Service Template

* service templates - jellyfrog fixes - DeviceGroup relates to Service Template

* service templates - jellyfrog fixes - dbchanged - DeviceGroup relates to Service Template

* service templates - jellyfrog fixes - dbchanged - DeviceGroup relates to Service Template

* service templates - jellyfrog fixes - dbchanged - DeviceGroup relates to Service Template

* service templates - jellyfrog fixes - dbchanged - DeviceGroup relates to Service Template

* Revert "service templates - jellyfrog fixes - dbchanged - DeviceGroup relates to Service Template"

This reverts commit ef93315db5.

* Revert "service templates - jellyfrog fixes - dbchanged - DeviceGroup relates to Service Template"

This reverts commit 73af819a60.

* Revert "service templates - jellyfrog fixes - dbchanged - DeviceGroup relates to Service Template"

This reverts commit dd019c3105.

* Revert "service templates - jellyfrog fixes - dbchanged - DeviceGroup relates to Service Template"

This reverts commit 94aaaf7976.

* service templates - jellyfrog fixes - DeviceGroup relates to Service Template

* service templates - fix permissions

* service templates - db service_templates_perms

* service templates - fix permissions

* service templates - fix permissions

* service templates - fix permissions

* service templates - fix permissions

* service templates - fix permissions

* service templates - fix edit.blade missing parameters - still 403 :(

* service templates - jellyfrog -fix route and construct

* service templates - jellyfrog -fix route and construct

* service templates - jellyfrog -fix route and construct

* Revert "service templates - jellyfrog -fix route and construct"

This reverts commit ec1eea7a99.

* service templates - jellyfrog -fix routes

* service templates - jellyfrog -fix services lookup

* service templates - edit blade fixes

* service templates - edit blade fixes - service or services or template or serviceTemplate or service_template good luck

* service templates - edit blade fixes

* service templates - index blade fixes

* service templates - discover return fix

* service templates - remove return fix

* service templates - fix discovery api returns

* service templates - fix discovery api returns

* service templates - fix discovery api returns

* service templates - fix discovery - test

* service templates - fix discovery

* service templates - fix checkbox integer

* service templates - fix checkbox integer

* service templates - fix checkbox integer

* service templates - fix checkbox integer

* service templates - fix checkbox integer

* service templates - fix discover all

* service templates - fix discover all

* service templates - fix discover all

* service templates - fix discover all

* service templates - fix discover all

* service templates - fix discover all

* service templates - fix discover all

* service templates - fix discover

* service templates - fix discover

* service templates - fix discover

* service templates - fix discover

* service templates - fix discover

* service templates - move discover/apply to blade - last of the old functions - wip

* service templates - move discover/apply to blade - last of the old functions - wip

* service templates - move discover/apply to blade - last of the old functions - wip

* service templates - change all relevant to template for sanity

* service templates - inspection fixes

* service templates - inspection fixes

* service templates - inspection fixes

* service templates - murrant fixes - use createOrUpdate - add obervers - fix function call

* service templates - murrant fixes - add ServiceController store - not used

* service templates - murrant fixes - add Observers file)

* service templates - murrant fixes - correct ServiceController

* service templates - murrant fixes - fix observers load

* service templates - observer fix

* service templates - schedule discovery function call fix, cheeky, is this allowed?

* service templates - attempt route fix.

* service templates - attempt route fix 2

* service templates - blade route applyall missing url - ie the route lol

* service templates - blade route applyall missing url - ie the route lol

* service templates - fix routes - bingo!

* service templates - fix routes - bingo!

* service templates - fix blade missing quote

* service templates - jellyfrog fix - remove pluck

* service templates - missing template id on service update

* service templates - jellyfrog fix - add get

* service templates - fix service db defaults / null

* service templates - fix service update

* service templates - fix service update

* service templates - fix service update

* service templates - fix service devicegroup change - obsoletes service_template_change in servicesdb

* service templates - fix service devicegroup change - obsoletes service_template_change in servicesdb

* Add service templates - phpcs fixes - and attemp whereNotIn scope

* Add service templates - styleci

* Add service templates - styleci

* Add service templates - fix notindevicegroup scope

* Add service templates - removed service service_template_changed - not required for delete or update

* Add service templates - removed service service_template_changed - not required for delete or update

* Add service templates - murrant fixes - add protected casts - fix checkbox

* Add service templates - fix checkbox - attempt2

* Add service templates - fix checkbox - attempt3

* Add service templates - fix checkbox - attempt3

* Add service templates - fix checkbox - attempt4

* Add service templates - fix delete row selection

* Revert "Add service templates - fix delete row selection"

This reverts commit 4d9e4990f2.

* Add service templates - fix delete row selection

* Add service templates - fix automatic discovery

* Add service templates - fix automatic discovery

* Add service templates - checkbox - add hidden input

* Add service templates - checkbox - add old value back?

* Add service templates - checkbox - fix disabled

* Add service templates - checkbox - fix disabled

* Add service templates - service fixes - styleci

* Add service templates - make devicegroup required

* Add service templates - let Disable text wrap

* Add service templates - dont allow device group to be deleted when service templates exist

* Add service templates - dont allow device group to be deleted when service templates exist

* Add service templates - enable multiple device groups - wip

* Add service templates - enable multiple device groups - wip

* Add service templates - enable multiple device groups - wip

* Add service templates - enable multiple device groups - dbschema - wip

* Add service templates - enable multiple device groups - db migration - wip

* Add service templates - enable multiple device groups - db migration - wip

* Add service templates - enable multiple device groups - wip

* Add service templates - enable multiple device groups - wip

* Add service templates - enable service template Groups - relationships to device AND device groups

* Add service templates - styleci fixes

* Add service templates - styleci fixes

* Add service templates - fixes

* Add service templates - fixes

* Add service templates - fixes

* Add service templates - fixes

* Add service templates - fixes

* Add service templates - fixes

* Add service templates - fixes

* Add service templates - fixes

* Add service templates - db - primarykey issues

* Add service templates - fix migrations

* Add service templates - fix migrations

* Add service templates - fix migrations

* Add service templates - fix migrations

* Add service templates - fix migrations

* Add service templates - fix migrations

* Add service templates - fix migrations

* Add service templates - fix migrations

* Add service templates - fix migrations

* Add service templates - fixes

* Add service templates - blade view - fixes

* Add service templates - blade view - fixes

* Add service templates - blade view - fixes

* Add service templates - blade view - fixes

* Add service templates - blade view - fixes

* Add service templates - blade view - fixes

* Add service templates - blade view - fixes

* Add service templates - blade view - fixes

* Add service templates - blade view - fixes

* Add service templates - blade view - fixes

* Add service templates - blade view - fixes

* Add service templates - blade view - fixes

* Add service templates - blade view - fixes

* Add service templates - blade view - fixes

* Add service templates - blade view - fixes

* Add service templates - blade view - fixes

* Add service templates - blade view - fixes

* Add service templates - blade view - fixes

* Add service templates - blade view - fixes

* Add service templates - blade view - fixes

* Add service templates - blade view - fixes

* Add service templates - misc update for travis build trigger

* Add service templates - restrict view to only show device/groups that have templates applied

* Add service templates - fix devicegroup update

* remove permissions table stuff

* Fix schema rollback

* fix style

* Update ServiceTemplateController.php

Co-authored-by: Tony Murray <murraytony@gmail.com>
 2021-02-02 00:40:11 -06:00
Adam Bishop
ae38a45b7e Add a button to reset port state history (#12457) 
* Add API function to reset port state

* Log the activity

* Make StyleCI Happy

* Update FAQ.md

Add FAQ explaining problem and use
 2021-01-25 23:13:31 -06:00
SourceDoctor
04f29c2717 Fix Device Dependency Count Limitation (#12332) 2020-11-20 20:58:08 -06:00
Jellyfrog
cfd9dce620 Convert Virtual Machine pages to Laravel (#12287) 
* Convert Virtual Machine pages to Laravel

* wip

* wip

* wip

* wip

* wip

* wip

* delete

* wip

* wip

* move powerStateLabel
 2020-11-11 01:15:20 +01:00
Jellyfrog
29f45ca352 Apply fixes from StyleCI (#12124) 2020-09-21 15:59:34 +02:00
Jellyfrog
0d56bbd946 Apply fixes from StyleCI (#12123) 2020-09-21 15:51:53 +02:00
Jellyfrog
82f43cb98d Apply fixes from StyleCI (#12120) 2020-09-21 15:40:17 +02:00
Tony Murray
020c5fd7e1 Remove legacy code and fix missing device graphs (#11950) 
* removing $graphs global

* remove unused things

* fix some additional graphs

* Fix graphs persisting too soon

* correct name for poller module performance graph

* only one type of graph is used here
 2020-07-23 09:57:22 -05:00
Jellyfrog
2fc037ab23 Convert device notes to blade (#11952) 2020-07-22 09:18:56 -05:00
Jellyfrog
3c78e0ccc7 Add permission support to Oxidized config search (#11928) 2020-07-21 20:34:42 -05:00
Tony Murray
6e6fde94c3 Fix sql injection (#11923) 
in custom oid code

Thanks to loginsoft p.v.t l.t.d india for the report!
Website: https://www.loginsoft.com/
 2020-07-10 10:45:39 +02:00
louis-oui
ad6348af42 Add alert rule error on invert map selected but no selection in device, group or location list (#11894) 
* error on invert map selected but no selection

* error on invert map selected but no selection

* error on invert map selected but no selection
 2020-07-03 11:54:12 +02:00
Tony Murray
a312436bca Edit maintenance schedule, handle timezone properly (#11889) 
Was not properly formatting to user's timezone
Also handle the case where the browser and server timezone don't match
don't show incorrect values in dialog then pop to the correct ones.
Update title on modal to be appropriate
 2020-07-02 17:46:16 -05:00
Tony Murray
04251cdc94 Fix recurring maintenance days 2020-06-25 22:12:21 -05:00
SourceDoctor
6a0366c1e8 Device Maintenance configurable duration (#11821) 
* Device Maintenance configurable duration

* increase hour range

* positionize button

* remove wrench icon
 2020-06-16 14:13:19 +02:00
Tony Murray
eb6370acd4 Fix schedule creation missing id 2020-06-14 12:12:13 -05:00
Tony Murray
13ade9ab6c Merge branch 'master' into alerts-carbon 2020-06-12 07:48:51 -05:00
SourceDoctor
7b93b386a3 Alert Template - sort Alert Rules alphabetic (#11786) 2020-06-07 14:46:33 +02:00
SourceDoctor
5927983c50 Maintenance Mode via Device Settings (#11649) 2020-05-22 15:14:03 +02:00
Vitali Kari
918cf86eae Add acknowledgment notes to eventlog (#11575) 2020-05-09 20:33:50 +02:00
Tony Murray
1c08c11a77 Remove Laravel helpers (#11428) 
* Remove Laravel helpers

* Replace qualifier with import
 2020-04-18 00:37:56 +02:00
Tony Murray
89bfecc926 fix up some ui issues 2020-04-11 11:01:52 -05:00
Tony Murray
cf23336329 Fix SQL to handle outside times 2020-04-11 10:02:07 -05:00
Tony Murray
6b166cd13a WIP UI 2020-04-10 21:20:15 -05:00
Tony Murray
0bca7c99f4 Schedule creation updated 2020-04-10 18:34:55 -05:00
Jellyfrog
69280b3501 Fix dashboard html escaping and javascript redirect (#11370) 2020-04-02 23:33:18 +02:00
PipoCanaja
b29103441e Use format_hostname in dependencies list (#11333) 2020-03-23 19:39:46 +01:00
SourceDoctor
9092988f7b Fallback to default Poller Group on delete (#11278) 
* Fallback to default Poller Group on delete

* rewrite to eloquent

* replace column remove with page reload (refresh everything)

* change access verification check method

* .

* Update PollerGroups.php

Co-authored-by: Tony Murray <murraytony@gmail.com>
 2020-03-20 10:16:49 +01:00
Tony Murray
df16de9d2f Refactor Datastores to allow future improvements. OpenTSDB Tags. (#11283) 
* Datastores to object oriented code, using the Laravel IoC container

Change instantiation
better DI
move OpenTSDB

Small re-orgs

remove unused stuff

Fix graphs and other scripts

Use DI for all except rrd

fix up connection error handling

Add tests, fix up a "few" things
Add Config::forget()

Style fixes

Don't reference legacy code

remove accidental code paste

Add datastores phpunit groups

some tests

* rebase fixes

* some test fixes

* shorter tests

* shorter tests

* Don't except when rrdtool can't be started.

* restore tests

* fix rrd tests

* fix iterable change upstream

* fix isValidDataset

* fix invalid data bug

* fix mysql incorrect ds

* fix issue with data that is too long

* use regular data_update()

* Use log facade

* OpenTSDB mis-ordered arguments fix

* Making a singleton with different options makes different singletons.  Just use the global config settings to disable datastores.

* only filter tags for datastores that won't it don't modify the tags permanently

* Update copyrights to include original authors.

* Stats for all datastores

* Fix mysql sends different rrd / other ds names

* fix snmp last stats not initialized
remove unused function

* remove unused function and move single use function closer to its use

* InfluxDB does not need to update null or U values.
Skip write if all fields are empty

* Fix smart value checks

* fix style issues

* Make sure port data is stored the same way as before for Graphite and OpenTSDB
Add ifIndex tag to all to be compatible

* Missed rrdtool_tune() call

* Test update WIP

* OpenTSDB now includes tags

* fix style
 2020-03-16 09:17:58 -05:00
Joseph Tingiris
83b1374ce7 remove dbDelete() for alert_schedule_items (#11232) 
* the table named alert_schedule_items was renamed to alert_schedulables
* see migration 277
 2020-03-02 20:26:39 -06:00
SourceDoctor
e7f587e9f0 Copy existing Alert Rule (#11195) 2020-02-26 15:07:48 +01:00
SourceDoctor
0bc2ea1f45 Configurable Alert Rule default settings (#11152) 
* configurable Alert Rule default settings

* codeclimate fix#
 2020-02-15 16:18:02 +01:00