* Added support for user timezones and user browser timezone byt default
* Formatting fixes
* Use the timezone for alert log display
also added validation for the timezone because it's being used in SQL.
* Formatting fixes
* Added return type
* Formatting"
* Update the latency graphs to use the user timezone
* Simplify the web routes config
* Update phpstan to ignore type error
* Fixed up the phpstan config
* Reverse phpstan change
* Re-apply phpstan override
* Remove the option to unset the session timezone
* Formatting fix
* Update outge and event logs to use session timezone
* Fix route for the timezone control
* Made the timezone more dynamic
* Fix a logic error that was stopping the timezone from being set automatically on login
* Prevent getPref from being called twice
* again prevent getPref double call
* getPref double call
* Fixed typo made during merge
* Fixed merge error in phpstan-baseline.neon
* Change spaces to tabs in phpstan-baseline.neon
* Update error count
---------
Co-authored-by: Tony Murray <murraytony@gmail.com>
* Add group filter to alertlog widget
* Remove extra characters from settings
* Apply fixes from StyleCI
Co-authored-by: ottorei <ottorei@users.noreply.github.com>
* avoid forcing displayed name, so generate_device_link decides according to LibreNMS config
* same fix for BGP display
* other generate_device_link occurences
* more
* more
* Show verbose alert details in the alert, alert-log webui
update file permissions
* Make global admin permission required to use alert details ui
* StyleCI patch
Co-authored-by: root <root@usopsl-libre001.corp.blizzard.net>
* Device group based access
* Use Permissions class to resolve permissions
Also give port access based on device access
* Convert more pages to use Permissions class
* shorten config setting name
use Eloquent relationships in several places
alphabetize config_definitions.json
* Change Models and Permissions
* Clean up ajax_search LIMIT sql
* Convert more pages to use Permissions class
Co-authored-by: Tony Murray <murraytony@gmail.com>
* Remove auth use of $_SESSION
Will break plugins that depend on $_SESSION, Weathermap was already fixed.
Port them to use Auth::check()/Auth::user()/Auth:id()
* revert accidental replacement
* Security fix: unauthorized access
Affects nginx users:
Moved php files outside of public html directory (Apache was protected by .htaccess)
Affects all users:
Some files did not check for authentication and could disclose some info.
Better checks before including files from user input
* git mv html/includes/ includes/html
git mv html/pages/ includes/html/
