1 <?php
defined('SYSPATH') OR die('No direct access allowed.');
3 require_once('op5/config.php');
4 require_once('op5/log.php');
8 * Does not require login but should display default page
10 * op5, and the op5 logo are trademarks, servicemarks, registered servicemarks
11 * or registered trademarks of op5 AB.
12 * All other trademarks, servicemarks, registered trademarks, and registered
13 * servicemarks mentioned herein may be the property of their respective owner(s).
14 * The information contained herein is provided AS IS with NO WARRANTY OF ANY
15 * KIND, INCLUDING THE WARRANTY OF DESIGN, MERCHANTABILITY, AND FITNESS FOR A
18 class Default_Controller
extends Ninja_Controller
{
19 public $csrf_config = false;
20 public $route_config = false;
22 public function __construct()
24 parent
::__construct();
25 $this->csrf_config
= Kohana
::config('csrf');
26 $this->route_config
= Kohana
::config('routes');
29 public function index()
31 if (ninja_auth
::is_locked_out()) {
32 return url
::redirect('default/locked_out');
34 //$this->template-> = $this->add_view('menu');
35 $this->template
->title
= _('Ninja');
39 public function show_login()
41 $this->template
= $this->add_view('login');
42 $this->template
->error_msg
= $this->session
->get('error_msg', false);
43 $this->template
->js
= array('application/media/js/jquery.js', $this->add_path('/js/login.js'));
44 $this->template
->auth_modules
= op5auth
::instance()->get_metadata('login_screen_dropdown');
45 Event
::run('ninja.show_login', $this);
49 * Show message (stored in session and set by do_login() below)
50 * to inform that user has been locked out due to too many failed
53 public function locked_out()
55 echo $this->session
->get('error_msg');
58 * Collect user input from login form, authenticate against
59 * Auth module and redirect to controller requested by user.
61 public function do_login()
63 # check if we should allow login by GET params
64 if (Kohana
::config('auth.use_get_auth')
65 && array_key_exists('username', $_GET)
66 && array_key_exists('password', $_GET)) {
67 $_POST['username'] = $_GET['username'];
68 $_POST['password'] = $_GET['password'];
69 $_POST['auth_method'] = $this->input
->get('auth_method', false);
73 $post = Validation
::factory($_POST);
74 $post->add_rules('*', 'required');
76 if(PHP_SAPI
!== 'cli' && config
::get('cookie.secure') && (!isset($_SERVER['HTTPS']) ||
!$_SERVER['HTTPS'])) {
77 $this->session
->set_flash('error_msg', _('Ninja is configured to only allow logins through the HTTPS protocol. Try to login via HTTPS, or change the config option cookie.secure.'));
78 return url
::redirect('default/show_login');
81 # validate that we have both username and password
82 if (!$post->validate() ) {
83 $error_msg = _("Please supply both username and password");
84 $this->session
->set_flash('error_msg', $error_msg);
85 return url
::redirect('default/show_login');
88 if ($this->csrf_config
['csrf_token']!='' && $this->csrf_config
['active'] !== false && !csrf
::valid($this->input
->post($this->csrf_config
['csrf_token']))) {
89 $error_msg = _("CSRF tokens did not match.<br />This often happen when your browser opens cached windows (after restarting the browser, for example).<br />Try to login again.");
90 $this->session
->set_flash('error_msg', $error_msg);
91 return url
::redirect('default/show_login');
94 $username = $this->input
->post('username', false);
95 $password = $this->input
->post('password', false);
96 $auth_method = $this->input
->post('auth_method', false);
98 $res = ninja_auth
::login_user($username, $password, $auth_method);
100 return url
::redirect($res);
103 # might redirect somewhere
104 Event
::run('ninja.logged_in');
106 $requested_uri = Session
::instance()->get('requested_uri', false);
107 if ($requested_uri !== false && $requested_uri == Kohana
::config('routes.log_in_form')) {
108 # make sure we don't end up in infinite loop
109 # if user managed to request show_login
110 $requested_uri = Kohana
::config('routes.logged_in_default');
112 if ($requested_uri !== false) {
113 # remove 'requested_uri' from session
114 Session
::instance()->delete('requested_uri');
115 return url
::redirect($requested_uri);
118 return url
::redirect(Kohana
::config('routes.logged_in_default'));
121 # trying to login without $_POST is not allowed and shouldn't
122 # even happen - redirecting to default routes
123 if (!isset($auth) ||
!$auth->logged_in()) {
124 return url
::redirect($this->route_config
['_default']);
126 return url
::redirect($this->route_config
['logged_in_default']);
131 * Logout user, remove session and redirect
134 public function logout()
136 Auth
::instance()->logout();
137 Session
::instance()->destroy();
138 return url
::redirect('default/show_login');
142 * Display an error message about no available
143 * objects for a valid user. This page is used when
144 * we are using login through apache.
146 public function no_objects()
148 # unset some session variables
149 $this->session
->delete('username');
150 $this->session
->delete('auth_user');
151 $this->session
->delete('nagios_access');
152 $this->session
->delete('contact_id');
154 $this->template
= $this->add_view('no_objects');
155 $this->template
->error_msg
= _("You have been denied access since you aren't authorized for any objects.");
159 * Used from CLI calls to detect cli setting and
160 * possibly default access from config file
162 public function get_cli_status()
164 if (PHP_SAPI
!== "cli") {
165 return url
::redirect('default/index');
167 $this->auto_render
=false;
168 $cli_access =Kohana
::config('config.cli_access');
174 * Accept a call from cron to look for scheduled reports to send
175 * @param string $period_str [Daily, Weekly, Monthly, downtime]
177 public function cron($period_str, $timestamp = false)
179 if (PHP_SAPI
!== "cli") {
180 die("illegal call\n");
183 ini_set('memory_limit', '-1');
184 $this->auto_render
=false;
185 $cli_access = Kohana
::config('config.cli_access');
187 if (empty($cli_access)) {
188 # CLI access is turned off in config/config.php
189 op5log
::instance('ninja')->log('error', 'No cli access');
193 $op5_auth = Op5Auth
::factory(array('session_key' => false));
194 $op5_auth->force_user(new Op5User_AlwaysAuth());
196 if ($period_str === 'downtime') {
197 $sd = new ScheduleDate_Model();
198 $sd->schedule_downtime($timestamp);
202 $controller = new Schedule_Controller();
204 $controller->cron($period_str);
205 } catch(Exception
$e) {
206 $this->log
->log('error', $e->getMessage() . ' at ' . $e->getFile() . '@' . $e->getLine());