mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
5c76890373eb2b2d32cb3db4d35339a83af9f6b8
librenms-librenms/app/Http/Controllers/GraphController.php
Tony Murray 5c76890373 Add @signedGraphTag() and @signedGraphUrl() blade directives (#14269) 
* More secure external graph access
Add @signedGraphTag() and @signedGraphUrl() blade directives
Takes either an array of graph variables or a url to a graph
Uses a signed url that is accessible without user login, embeds signature in url to authenticate access
See Laravel Signed Url for more details.
Adds Laravel route to graphs (does not change links to use it yet)
@graphImage requires the other PR
Also APP_URL is required in .env

* missing files from rebase

* Fix url parsing with a get string

* allow width and height to be omitted

* Documentation

* Add to, otherwise it will always be now

* Doc note for to and from relative security

* fix vars.inc.php (Laravel has a dummy url here)
2022-09-03 12:48:43 -05:00

44 lines
1.4 KiB
PHP
Raw Blame History

<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use Illuminate\Http\Response;
use LibreNMS\Config;
use LibreNMS\Util\Debug;
use LibreNMS\Util\Url;
class GraphController extends Controller
{
public function __invoke(Request $request, string $path = ''): Response
{
define('IGNORE_ERRORS', true);
include_once base_path('includes/dbFacile.php');
include_once base_path('includes/common.php');
include_once base_path('includes/html/functions.inc.php');
include_once base_path('includes/rewrites.php');
$auth = \Auth::guest(); // if user not logged in, assume we authenticated via signed url, allow_unauth_graphs or allow_unauth_graphs_cidr
$vars = array_merge(Url::parseLegacyPathVars($request->path()), $request->except(['username', 'password']));
if (\Auth::check()) {
// only allow debug for logged in users
Debug::set(! empty($vars['debug']));
}
// TODO, import graph.inc.php code and call Rrd::graph() directly
chdir(base_path());
ob_start();
include base_path('includes/html/graphs/graph.inc.php');
$output = ob_get_clean();
ob_end_clean();
$headers = [];
if (! Debug::isEnabled()) {
$headers['Content-type'] = (Config::get('webui.graph_type') == 'svg' ? 'image/svg+xml' : 'image/png');
}
return response($output, 200, $headers);
}
}
Reference in New Issue View Git Blame Copy Permalink