search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
reports: Fix id of custom date selector
[ninja.git] / application / controllers / default.php
blob799b9c9854b9dd855f16d8289fc2dbcebe6827bd
1 <?php defined('SYSPATH') OR die('No direct access allowed.');
2
3 require_once('op5/config.php');
4 require_once('op5/log.php');
5
6 /**
7 * Default controller.
8 * Does not require login but should display default page
9 *
10 * op5, and the op5 logo are trademarks, servicemarks, registered servicemarks
11 * or registered trademarks of op5 AB.
12 * All other trademarks, servicemarks, registered trademarks, and registered
13 * servicemarks mentioned herein may be the property of their respective owner(s).
14 * The information contained herein is provided AS IS with NO WARRANTY OF ANY
15 * KIND, INCLUDING THE WARRANTY OF DESIGN, MERCHANTABILITY, AND FITNESS FOR A
16 * PARTICULAR PURPOSE.
17 */
18 class Default_Controller extends Ninja_Controller {
19 public $csrf_config = false;
20 public $route_config = false;
21
22 public function __construct()
23 {
24 parent::__construct();
25 $this->csrf_config = Kohana::config('csrf');
26 $this->route_config = Kohana::config('routes');
27 }
28
29 public function index()
30 {
31 if (ninja_auth::is_locked_out()) {
32 return url::redirect('default/locked_out');
33 }
34 //$this->template-> = $this->add_view('menu');
35 $this->template->title = _('Ninja');
36
37 }
38
39 public function show_login()
40 {
41 $this->template = $this->add_view('login');
42 $this->template->error_msg = $this->session->get('error_msg', false);
43 $this->template->js_header = $this->add_view('js_header');
44 $this->template->js_header->js = array('application/media/js/jquery.js', $this->add_path('/js/login.js'));
45 $this->template->auth_modules = op5auth::instance()->get_metadata('login_screen_dropdown');
46 Event::run('ninja.show_login', $this);
47 }
48
49 /**
50 * Show message (stored in session and set by do_login() below)
51 * to inform that user has been locked out due to too many failed
52 * login attempts
53 */
54 public function locked_out()
55 {
56 echo $this->session->get('error_msg');
57 }
58 /**
59 * Collect user input from login form, authenticate against
60 * Auth module and redirect to controller requested by user.
61 */
62 public function do_login()
63 {
64 # check if we should allow login by GET params
65 if (Kohana::config('auth.use_get_auth')
66 && array_key_exists('username', $_GET)
67 && array_key_exists('password', $_GET)) {
68 $_POST['username'] = $_GET['username'];
69 $_POST['password'] = $_GET['password'];
70 $_POST['auth_method'] = $this->input->get('auth_method', false);
71 }
72
73 if ($_POST) {
74 $post = Validation::factory($_POST);
75 $post->add_rules('*', 'required');
76
77 if(PHP_SAPI !== 'cli' && config::get('cookie.secure') && (!isset($_SERVER['HTTPS']) || !$_SERVER['HTTPS'])) {
78 $this->session->set_flash('error_msg', _('Ninja is configured to only allow logins through the HTTPS protocol. Try to login via HTTPS, or change the config option cookie.secure.'));
79 return url::redirect('default/show_login');
80 }
81
82 # validate that we have both username and password
83 if (!$post->validate() ) {
84 $error_msg = _("Please supply both username and password");
85 $this->session->set_flash('error_msg', $error_msg);
86 return url::redirect('default/show_login');
87 }
88
89 if ($this->csrf_config['csrf_token']!='' && $this->csrf_config['active'] !== false && !csrf::valid($this->input->post($this->csrf_config['csrf_token']))) {
90 $error_msg = _("CSRF tokens did not match.<br />This often happen when your browser opens cached windows (after restarting the browser, for example).<br />Try to login again.");
91 $this->session->set_flash('error_msg', $error_msg);
92 return url::redirect('default/show_login');
93 }
94
95 $username = $this->input->post('username', false);
96 $password = $this->input->post('password', false);
97 $auth_method = $this->input->post('auth_method', false);
98
99 $res = ninja_auth::login_user($username, $password, $auth_method);
100 if ($res !== true) {
101 return url::redirect($res);
102 }
103
104 # might redirect somewhere
105 Event::run('ninja.logged_in');
106
107 $requested_uri = Session::instance()->get('requested_uri', false);
108 if ($requested_uri !== false && $requested_uri == Kohana::config('routes.log_in_form')) {
109 # make sure we don't end up in infinite loop
110 # if user managed to request show_login
111 $requested_uri = Kohana::config('routes.logged_in_default');
112 }
113 if ($requested_uri !== false) {
114 # remove 'requested_uri' from session
115 Session::instance()->delete('requested_uri');
116 return url::redirect($requested_uri);
117 }
118
119 return url::redirect(Kohana::config('routes.logged_in_default'));
120 }
121
122 # trying to login without $_POST is not allowed and shouldn't
123 # even happen - redirecting to default routes
124 if (!isset($auth) || !$auth->logged_in()) {
125 return url::redirect($this->route_config['_default']);
126 } else {
127 return url::redirect($this->route_config['logged_in_default']);
128 }
129 }
130
131 /**
132 * Logout user, remove session and redirect
133 *
134 */
135 public function logout()
136 {
137 Auth::instance()->logout();
138 Session::instance()->destroy();
139 return url::redirect('default/show_login');
140 }
141
142 /**
143 * Display an error message about no available
144 * objects for a valid user. This page is used when
145 * we are using login through apache.
146 */
147 public function no_objects()
148 {
149 # unset some session variables
150 $this->session->delete('username');
151 $this->session->delete('auth_user');
152 $this->session->delete('nagios_access');
153 $this->session->delete('contact_id');
154
155 $this->template = $this->add_view('no_objects');
156 $this->template->error_msg = _("You have been denied access since you aren't authorized for any objects.");
157 }
158
159 /**
160 * Used from CLI calls to detect cli setting and
161 * possibly default access from config file
162 */
163 public function get_cli_status()
164 {
165 if (PHP_SAPI !== "cli") {
166 return url::redirect('default/index');
167 } else {
168 $this->auto_render=false;
169 $cli_access =Kohana::config('config.cli_access');
170 echo $cli_access;
171 }
172 }
173
174 /**
175 * Accept a call from cron to look for scheduled reports to send
176 * @param string $period_str [Daily, Weekly, Monthly, downtime]
177 */
178 public function cron($period_str, $timestamp = false)
179 {
180 if (PHP_SAPI !== "cli") {
181 die("illegal call\n");
182 }
183 set_time_limit(0);
184 ini_set('memory_limit', '-1');
185 $this->auto_render=false;
186 $cli_access = Kohana::config('config.cli_access');
187
188 if (empty($cli_access)) {
189 # CLI access is turned off in config/config.php
190 op5log::instance('ninja')->log('error', 'No cli access');
191 exit(1);
192 }
193
194 $op5_auth = Op5Auth::factory(array('session_key' => false));
195 $op5_auth->force_user(new Op5User_AlwaysAuth());
196
197 if ($period_str === 'downtime') {
198 $sd = new ScheduleDate_Model();
199 $sd->schedule_downtime($timestamp);
200 exit(0);
201 }
202
203 $controller = new Schedule_Controller();
204 try {
205 $controller->cron($period_str);
206 } catch(Exception $e) {
207 $this->log->log('error', $e->getMessage() . ' at ' . $e->getFile() . '@' . $e->getLine());
208 exit(1);
209 }
210 exit(0);
211 }
212 }
This is an effort to rewrite the Nagios GUI in PHP. It uses the Kohana framework to do much of the heavy lifting.