Diffstat (limited to 'library/Director/Web/Form')
-rw-r--r-- | library/Director/Web/Form/CloneImportSourceForm.php | 30 | ||||
-rw-r--r-- | library/Director/Web/Form/CloneSyncRuleForm.php | 26 | ||||
-rw-r--r-- | library/Director/Web/Form/CsrfToken.php | 2 | ||||
-rw-r--r-- | library/Director/Web/Form/DbSelectorForm.php | 2 | ||||
-rw-r--r-- | library/Director/Web/Form/DirectorForm.php | 2 | ||||
-rw-r--r-- | library/Director/Web/Form/DirectorObjectForm.php | 14 | ||||
-rw-r--r-- | library/Director/Web/Form/Element/DataFilter.php | 20 | ||||
-rw-r--r-- | library/Director/Web/Form/Element/ExtensibleSet.php | 2 | ||||
-rw-r--r-- | library/Director/Web/Form/IcingaObjectFieldLoader.php | 2 | ||||
-rw-r--r-- | library/Director/Web/Form/IplElement/ExtensibleSetElement.php | 6 | ||||
-rw-r--r-- | library/Director/Web/Form/QuickForm.php | 4 |
11 files changed, 57 insertions, 53 deletions
diff --git a/library/Director/Web/Form/CloneImportSourceForm.php b/library/Director/Web/Form/CloneImportSourceForm.php index 0849dd4..46dc7a3 100644 --- a/library/Director/Web/Form/CloneImportSourceForm.php +++ b/library/Director/Web/Form/CloneImportSourceForm.php @@ -2,8 +2,10 @@ namespace Icinga\Module\Director\Web\Form; +use gipfl\Web\Form; use Icinga\Module\Director\Data\Exporter; -use ipl\Html\Form; +use Icinga\Module\Director\Data\ObjectImporter; +use Icinga\Module\Director\Db; use ipl\Html\FormDecorator\DdDtDecorator; use gipfl\Translation\TranslationHelper; use gipfl\IcingaWeb2\Url; @@ -36,37 +38,25 @@ class CloneImportSourceForm extends Form ]); } - /** - * @return \Icinga\Module\Director\Db - */ - protected function getTargetDb() - { - return $this->source->getConnection(); - } - - /** - * @throws \Icinga\Module\Director\Exception\DuplicateKeyException - */ public function onSuccess() { - $db = $this->getTargetDb(); + $db = $this->source->getConnection(); + assert($db instanceof Db); $export = (new Exporter($db))->export($this->source); $newName = $this->getElement('source_name')->getValue(); $export->source_name = $newName; - unset($export->originalId); + unset($export->uuid); + if (ImportSource::existsWithName($newName, $db)) { $this->getElement('source_name')->addMessage('Name already exists'); } - $this->newSource = ImportSource::import($export, $db); + $importer = new ObjectImporter($db); + $this->newSource = $importer->import(ImportSource::class, $export); $this->newSource->store(); } public function getSuccessUrl() { - if ($this->newSource === null) { - return parent::getSuccessUrl(); - } else { - return Url::fromPath('director/importsource', ['id' => $this->newSource->get('id')]); - } + return Url::fromPath('director/importsource', ['id' => $this->newSource->get('id')]); } } diff --git a/library/Director/Web/Form/CloneSyncRuleForm.php b/library/Director/Web/Form/CloneSyncRuleForm.php index f90b593..ccd61ec 100644 
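Review bot: In `onSuccess()` the `existsWithName()` branch only adds the 'Name already exists' message and then falls through to `$importer->import(...)` and `store()`, so a clone onto an existing name is still attempted. What happens then depends on `ObjectImporter` and `store()`, which are not visible here. Adding `return;` after `addMessage(...)` would stop it, but `getSuccessUrl()` no longer guards against `$this->newSource === null`, so that guard would have to stay, or the duplicate case be rejected during validation. `assert($db instanceof Db)` is typically compiled out in production, so it documents the type rather than enforcing it. CloneSyncRuleForm has the same pattern with `$this->newRule`.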
--- a/library/Director/Web/Form/CloneSyncRuleForm.php +++ b/library/Director/Web/Form/CloneSyncRuleForm.php @@ -2,8 +2,10 @@ namespace Icinga\Module\Director\Web\Form; +use gipfl\Web\Form; use Icinga\Module\Director\Data\Exporter; -use ipl\Html\Form; +use Icinga\Module\Director\Data\ObjectImporter; +use Icinga\Module\Director\Db; use ipl\Html\FormDecorator\DdDtDecorator; use gipfl\Translation\TranslationHelper; use gipfl\IcingaWeb2\Url; @@ -37,40 +39,30 @@ class CloneSyncRuleForm extends Form } /** - * @return \Icinga\Module\Director\Db - */ - protected function getTargetDb() - { - return $this->rule->getConnection(); - } - - /** * @throws \Icinga\Exception\NotFoundError * @throws \Icinga\Module\Director\Exception\DuplicateKeyException */ public function onSuccess() { - $db = $this->getTargetDb(); + $db = $this->rule->getConnection(); + assert($db instanceof Db); $exporter = new Exporter($db); $export = $exporter->export($this->rule); $newName = $this->getValue('rule_name'); $export->rule_name = $newName; - unset($export->originalId); + unset($export->uuid); if (SyncRule::existsWithName($newName, $db)) { $this->getElement('rule_name')->addMessage('Name already exists'); } - $this->newRule = SyncRule::import($export, $db); + $importer = new ObjectImporter($db); + $this->newRule = $importer->import(SyncRule::class, $export); $this->newRule->store(); } public function getSuccessUrl() { - if ($this->newRule === null) { - return parent::getSuccessUrl(); - } else { - return Url::fromPath('director/syncrule', ['id' => $this->newRule->get('id')]); - } + return Url::fromPath('director/syncrule', ['id' => $this->newRule->get('id')]); } } diff --git a/library/Director/Web/Form/CsrfToken.php b/library/Director/Web/Form/CsrfToken.php index 24edf88..f6c29ec 100644 --- a/library/Director/Web/Form/CsrfToken.php +++ b/library/Director/Web/Form/CsrfToken.php 
@@ -17,7 +17,7 @@ class CsrfToken return false; } - list($seed, $token) = explode('|', $elementValue); + list($seed, $token) = explode('|', $token); if (!is_numeric($seed)) { return false; diff --git a/library/Director/Web/Form/DbSelectorForm.php b/library/Director/Web/Form/DbSelectorForm.php index 52fe5ea..8b4f432 100644 --- a/library/Director/Web/Form/DbSelectorForm.php +++ b/library/Director/Web/Form/DbSelectorForm.php @@ -69,7 +69,7 @@ class DbSelectorForm extends Form $params = []; } - if (array_key_exists($name, $params)) { + if (is_array($params) && array_key_exists($name, $params)) { return $params[$name]; } diff --git a/library/Director/Web/Form/DirectorForm.php b/library/Director/Web/Form/DirectorForm.php index 145be5b..36c0577 100644 --- a/library/Director/Web/Form/DirectorForm.php +++ b/library/Director/Web/Form/DirectorForm.php @@ -34,7 +34,7 @@ abstract class DirectorForm extends QuickForm public static function load() { return new static([ - 'icingaModule' => Icinga::App()->getModuleManager()->getModule('director') + 'icingaModule' => Icinga::app()->getModuleManager()->getModule('director') ]); } diff --git a/library/Director/Web/Form/DirectorObjectForm.php b/library/Director/Web/Form/DirectorObjectForm.php index b70bd7b..abbd4f0 100644 --- a/library/Director/Web/Form/DirectorObjectForm.php +++ b/library/Director/Web/Form/DirectorObjectForm.php @@ -5,6 +5,7 @@ namespace Icinga\Module\Director\Web\Form; use Exception; use gipfl\IcingaWeb2\Url; use Icinga\Authentication\Auth; +use Icinga\Module\Director\Auth\Permission; use Icinga\Module\Director\Data\Db\DbObjectStore; use Icinga\Module\Director\Db; use Icinga\Module\Director\Data\Db\DbObject; @@ -443,7 +444,7 @@ abstract class DirectorObjectForm extends DirectorForm $this->setInheritedValue( $el, $object->getRelatedObjectName($k, $v), - $origins->{"${k}_id"} + $origins->{"{$k}_id"} ); } } 
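Review bot: `list($seed, $token) = explode('|', $token);` assumes the submitted value is a string that contains a separator; the early `return false` above it may already cover that, but its condition is outside the hunk. The QuickForm change in this commit passes `$post[self::CSRF]` straight in, so a guard such as `if (! is_string($token) || strpos($token, '|') === false) { return false; }` directly before the split would keep malformed input on the reject path. Using `explode('|', $token, 2)` would also keep extra separators from being silently dropped. The method signature and the final token comparison are not visible here.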
@@ -540,7 +541,9 @@ abstract class DirectorObjectForm extends DirectorForm 'inherited_groups', 'applied_groups', 'users', + 'users_var', 'user_groups', + 'user_groups_var', 'apply_to', 'command_id', // Notification 'notification_interval', @@ -788,7 +791,9 @@ abstract class DirectorObjectForm extends DirectorForm return; } - $post = $values = $this->getRequest()->getPost(); + /** @var array $post */ + $post = $this->getRequest()->getPost(); + $values = $post; foreach ($post as $key => $value) { if (preg_match('/^(.+?)_(\d+)__(MOVE_DOWN|MOVE_UP|REMOVE)$/', $key, $m)) { @@ -1239,7 +1244,7 @@ abstract class DirectorObjectForm extends DirectorForm if ($this->hasBeenSent()) { $this->addError($this->translate('No template has been chosen')); } else { - if ($this->hasPermission('director/admin')) { + if ($this->hasPermission(Permission::ADMIN)) { $html = $this->translate('Please define a related template first'); } else { $html = $this->translate('No related template has been provided yet'); @@ -1274,7 +1279,7 @@ abstract class DirectorObjectForm extends DirectorForm 'required' => $required, 'spellcheck' => 'false', 'hideOptions' => $choiceNames, - 'suggest' => "${type}templates", + 'suggest' => "{$type}templates", // 'multiOptions' => $this->optionallyAddFromEnum($enum), 'sorted' => true, 'value' => $this->presetImports, @@ -1516,6 +1521,7 @@ abstract class DirectorObjectForm extends DirectorForm return []; } + /** @var int|string $id */ $id = $object->get('id'); if (array_key_exists($id, $tpl)) { diff --git a/library/Director/Web/Form/Element/DataFilter.php b/library/Director/Web/Form/Element/DataFilter.php index adae07d..7beb651 100644 --- a/library/Director/Web/Form/Element/DataFilter.php +++ b/library/Director/Web/Form/Element/DataFilter.php @@ -2,6 +2,7 @@ namespace Icinga\Module\Director\Web\Form\Element; +use gipfl\Json\JsonString; use Icinga\Data\Filter\Filter; use Icinga\Data\Filter\FilterChain; use Icinga\Data\Filter\FilterExpression; 
@@ -268,13 +269,13 @@ class DataFilter extends FormElement return Filter::expression( $entry['column'], '=', - json_encode(true) + $this->jsonEncode(true) ); } elseif ($entry['sign'] === 'false') { return Filter::expression( $entry['column'], '=', - json_encode(false) + $this->jsonEncode(false) ); } elseif ($entry['sign'] === 'in') { if (array_key_exists('value', $entry)) { @@ -291,13 +292,13 @@ class DataFilter extends FormElement return Filter::expression( $entry['column'], '=', - json_encode($value) + $this->jsonEncode($value) ); } elseif ($entry['sign'] === 'contains') { $value = array_key_exists('value', $entry) ? $entry['value'] : null; return Filter::expression( - json_encode($value), + $this->jsonEncode($value), '=', $entry['column'] ); @@ -307,11 +308,20 @@ class DataFilter extends FormElement return Filter::expression( $entry['column'], $entry['sign'], - json_encode($value) + $this->jsonEncode($value) ); } } + protected function jsonEncode($string) + { + return preg_replace( + ['/&/u', '/\|/u', '/!/u', '/=/u', '/>/u', '/</u'], + ['\u0026', '\u007c', '\u0021', '\u003d', '\u003e', '\u003c'], + JsonString::encode($string) + ); + } + protected function entryAction($entry) { if (array_key_exists('action', $entry)) { diff --git a/library/Director/Web/Form/Element/ExtensibleSet.php b/library/Director/Web/Form/Element/ExtensibleSet.php index f3c968f..e443b06 100644 --- a/library/Director/Web/Form/Element/ExtensibleSet.php +++ b/library/Director/Web/Form/Element/ExtensibleSet.php @@ -28,7 +28,7 @@ class ExtensibleSet extends FormElement if (! is_array($value)) { throw new InvalidArgumentException(sprintf( 'ExtensibleSet expects to work with Arrays, got %s', - var_export($value, 1) + var_export($value, true) )); } $value = array_filter($value, 'strlen'); diff --git a/library/Director/Web/Form/IcingaObjectFieldLoader.php b/library/Director/Web/Form/IcingaObjectFieldLoader.php index c900edf..ae00855 100644 --- a/library/Director/Web/Form/IcingaObjectFieldLoader.php 
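Review bot: `jsonEncode()` has no docblock saying why these six characters are rewritten, and its parameter is named `$string` although the callers in the hunks above pass booleans and arbitrary `$value`s. I would add a short docblock stating that `& | ! = > <` are emitted as `\uXXXX` escapes so an encoded value cannot be read as filter syntax (inferred from the character set, please confirm), and rename the parameter to `$value`. Since all six patterns are literal single characters, `str_replace(['&', '|', '!', '=', '>', '<'], [...the same six escapes...], JsonString::encode($value))` does the same job and cannot return null the way `preg_replace` can on a PCRE error. If the filter parser also treats `(` and `)` as syntax, they need the same escaping.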
+++ b/library/Director/Web/Form/IcingaObjectFieldLoader.php @@ -613,7 +613,7 @@ class IcingaObjectFieldLoader $fields = []; /** @var HostFieldHook|ServiceFieldHook $hook */ $type = ucfirst($object->getShortTableName()); - foreach (Hook::all("Director\\${type}Field") as $hook) { + foreach (Hook::all("Director\\{$type}Field") as $hook) { if ($hook->wants($object)) { $id = $object->get('id'); $spec = $hook->getFieldSpec($object); diff --git a/library/Director/Web/Form/IplElement/ExtensibleSetElement.php b/library/Director/Web/Form/IplElement/ExtensibleSetElement.php index a4dbb20..b723d47 100644 --- a/library/Director/Web/Form/IplElement/ExtensibleSetElement.php +++ b/library/Director/Web/Form/IplElement/ExtensibleSetElement.php @@ -26,6 +26,8 @@ class ExtensibleSetElement extends BaseHtmlElement private $description; + private $descriptions; + private $multiOptions; private $validOptions; @@ -109,7 +111,7 @@ class ExtensibleSetElement extends BaseHtmlElement if (null !== $value && ! is_array($value)) { throw new ProgrammingError( 'Got unexpected value, no array: %s', - var_export($value, 1) + var_export($value, true) ); } @@ -323,7 +325,7 @@ class ExtensibleSetElement extends BaseHtmlElement } else { return \sprintf( $this->translate('%s (not an Array!)'), - \var_export($this->inherited, 1) + \var_export($this->inherited, true) ); } } diff --git a/library/Director/Web/Form/QuickForm.php b/library/Director/Web/Form/QuickForm.php index 91c8f00..6100ec9 100644 --- a/library/Director/Web/Form/QuickForm.php +++ b/library/Director/Web/Form/QuickForm.php @@ -620,6 +620,10 @@ abstract class QuickForm extends QuickBaseForm $this->hasBeenSent = true; } elseif ($req->isPost()) { $post = $req->getPost(); + if (! CsrfToken::isValid($post[self::CSRF])) { + throw new Exception('Invalid CSRF token provided'); + } + $this->hasBeenSent = array_key_exists(self::ID, $post) && $post[self::ID] === $this->getName(); } else { |
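Review bot: `$post[self::CSRF]` is read without checking that the field is present or a string, so a POST that omits it (or sends it as an array) reaches `CsrfToken::isValid()` with null or a non-string instead of being rejected cleanly. Something like `$csrf = $post[self::CSRF] ?? null;` followed by `if (! is_string($csrf) || ! CsrfToken::isValid($csrf)) {` would fail closed without a notice. The check also runs before the `self::ID` comparison, so it applies to every POST this form sees, not only its own submissions; a short comment saying that is intended would help. The hunk does not show the file's `use` lines, so confirm `Exception` is imported, otherwise it resolves inside `Icinga\Module\Director\Web\Form`. The enclosing method starts and ends outside the hunk.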