search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
histogram: Make histograms crash less
[ninja.git] / application / controllers / default.php
blob06535caa05fc898fdb4a1e68315f4ddd14c351a3
1 <?php defined('SYSPATH') OR die('No direct access allowed.');
2
3 require_once('op5/config.php');
4 require_once('op5/log.php');
5
6 /**
7 * Default controller.
8 * Does not require login but should display default page
9 *
10 * op5, and the op5 logo are trademarks, servicemarks, registered servicemarks
11 * or registered trademarks of op5 AB.
12 * All other trademarks, servicemarks, registered trademarks, and registered
13 * servicemarks mentioned herein may be the property of their respective owner(s).
14 * The information contained herein is provided AS IS with NO WARRANTY OF ANY
15 * KIND, INCLUDING THE WARRANTY OF DESIGN, MERCHANTABILITY, AND FITNESS FOR A
16 * PARTICULAR PURPOSE.
17 */
18 class Default_Controller extends Ninja_Controller {
19 public $csrf_config = false;
20 public $route_config = false;
21
22 public function __construct()
23 {
24 parent::__construct();
25 $this->csrf_config = Kohana::config('csrf');
26 $this->route_config = Kohana::config('routes');
27 }
28
29 public function index()
30 {
31 if (ninja_auth::is_locked_out()) {
32 return url::redirect('default/locked_out');
33 }
34 //$this->template-> = $this->add_view('menu');
35 $this->template->title = _('Ninja');
36
37 }
38
39 public function show_login()
40 {
41 $this->template = $this->add_view('login');
42 $this->template->error_msg = $this->session->get('error_msg', false);
43 $this->xtra_js = array('application/media/js/jquery.js', $this->add_path('/js/login.js'));
44 $this->template->auth_modules = op5auth::instance()->get_metadata('login_screen_dropdown');
45 Event::run('ninja.show_login', $this);
46 }
47
48 /**
49 * Show message (stored in session and set by do_login() below)
50 * to inform that user has been locked out due to too many failed
51 * login attempts
52 */
53 public function locked_out()
54 {
55 echo $this->session->get('error_msg');
56 }
57 /**
58 * Collect user input from login form, authenticate against
59 * Auth module and redirect to controller requested by user.
60 */
61 public function do_login()
62 {
63 # check if we should allow login by GET params
64 if (Kohana::config('auth.use_get_auth')
65 && array_key_exists('username', $_GET)
66 && array_key_exists('password', $_GET)) {
67 $_POST['username'] = $_GET['username'];
68 $_POST['password'] = $_GET['password'];
69 $_POST['auth_method'] = $this->input->get('auth_method', false);
70 }
71
72 if ($_POST) {
73 $post = Validation::factory($_POST);
74 $post->add_rules('*', 'required');
75
76 if(PHP_SAPI !== 'cli' && config::get('cookie.secure') && (!isset($_SERVER['HTTPS']) || !$_SERVER['HTTPS'])) {
77 $this->session->set_flash('error_msg', _('Ninja is configured to only allow logins through the HTTPS protocol. Try to login via HTTPS, or change the config option cookie.secure.'));
78 return url::redirect('default/show_login');
79 }
80
81 # validate that we have both username and password
82 if (!$post->validate() ) {
83 $error_msg = _("Please supply both username and password");
84 $this->session->set_flash('error_msg', $error_msg);
85 return url::redirect('default/show_login');
86 }
87
88 if ($this->csrf_config['csrf_token']!='' && $this->csrf_config['active'] !== false && !csrf::valid($this->input->post($this->csrf_config['csrf_token']))) {
89 $error_msg = _("CSRF tokens did not match.<br />This often happen when your browser opens cached windows (after restarting the browser, for example).<br />Try to login again.");
90 $this->session->set_flash('error_msg', $error_msg);
91 return url::redirect('default/show_login');
92 }
93
94 $username = $this->input->post('username', false);
95 $password = $this->input->post('password', false);
96 $auth_method = $this->input->post('auth_method', false);
97
98 $res = ninja_auth::login_user($username, $password, $auth_method);
99 if ($res !== true) {
100 return url::redirect($res);
101 }
102
103 # might redirect somewhere
104 Event::run('ninja.logged_in');
105
106 $requested_uri = Session::instance()->get('requested_uri', false);
107 if ($requested_uri !== false && $requested_uri == Kohana::config('routes.log_in_form')) {
108 # make sure we don't end up in infinite loop
109 # if user managed to request show_login
110 $requested_uri = Kohana::config('routes.logged_in_default');
111 }
112 if ($requested_uri !== false) {
113 # remove 'requested_uri' from session
114 Session::instance()->delete('requested_uri');
115 return url::redirect($requested_uri);
116 }
117
118 return url::redirect(Kohana::config('routes.logged_in_default'));
119 }
120
121 # trying to login without $_POST is not allowed and shouldn't
122 # even happen - redirecting to default routes
123 if (!isset($auth) || !$auth->logged_in()) {
124 return url::redirect($this->route_config['_default']);
125 } else {
126 return url::redirect($this->route_config['logged_in_default']);
127 }
128 }
129
130 /**
131 * Logout user, remove session and redirect
132 *
133 */
134 public function logout()
135 {
136 Auth::instance()->logout();
137 Session::instance()->destroy();
138 return url::redirect('default/show_login');
139 }
140
141 /**
142 * Display an error message about no available
143 * objects for a valid user. This page is used when
144 * we are using login through apache.
145 */
146 public function no_objects()
147 {
148 # unset some session variables
149 $this->session->delete('username');
150 $this->session->delete('auth_user');
151 $this->session->delete('nagios_access');
152 $this->session->delete('contact_id');
153
154 $this->template = $this->add_view('no_objects');
155 $this->template->error_msg = _("You have been denied access since you aren't authorized for any objects.");
156 }
157
158 /**
159 * Used from CLI calls to detect cli setting and
160 * possibly default access from config file
161 */
162 public function get_cli_status()
163 {
164 if (PHP_SAPI !== "cli") {
165 return url::redirect('default/index');
166 } else {
167 $this->auto_render=false;
168 $cli_access =Kohana::config('config.cli_access');
169 echo $cli_access;
170 }
171 }
172
173 /**
174 * Accept a call from cron to look for scheduled reports to send
175 * @param string $period_str [Daily, Weekly, Monthly, downtime]
176 */
177 public function cron($period_str, $timestamp = false)
178 {
179 if (PHP_SAPI !== "cli") {
180 die("illegal call\n");
181 }
182 set_time_limit(0);
183 ini_set('memory_limit', '-1');
184 $this->auto_render=false;
185 $cli_access = Kohana::config('config.cli_access');
186
187 if (empty($cli_access)) {
188 # CLI access is turned off in config/config.php
189 op5log::instance('ninja')->log('error', 'No cli access');
190 exit(1);
191 }
192
193 $op5_auth = Op5Auth::factory(array('session_key' => false));
194 $op5_auth->force_user(new Op5User_AlwaysAuth());
195
196 if ($period_str === 'downtime') {
197 $sd = new ScheduleDate_Model();
198 $sd->schedule_downtime($timestamp);
199 exit(0);
200 }
201
202 $controller = new Schedule_Controller();
203 try {
204 $controller->cron($period_str);
205 } catch(Exception $e) {
206 $this->log->log('error', $e->getMessage() . ' at ' . $e->getFile() . '@' . $e->getLine());
207 exit(1);
208 }
209 exit(0);
210 }
211 }
This is an effort to rewrite the Nagios GUI in PHP. It uses the Kohana framework to do much of the heavy lifting.