Module: check_mk
Branch: master
Commit: 0d6e828d1ecdc364b92d653c6b4f674f864cdd99
URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=0d6e828d1ecdc3…
Author: Moritz Kiemer <mo(a)mathias-kettner.de>
Date: Thu Aug 30 15:46:46 2018 +0200
6217 FIX mgmt_ipmi_sensors: Fix wrong state for IPMI Sensor warnings
Previously IPMI Sensors have been mapped to CRIT when they where
above the "non-critical" but below the "critical" threshold.
This as been fixed to WARN.
FEED-943
Change-Id: I25e52b2c405b8386d6471f8217e925956ed5f5ca
---
.werks/6217 | 12 ++++++++++++
checks/ipmi_sensors.include | 13 +++++++++++--
2 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/.werks/6217 b/.werks/6217
new file mode 100644
index 0000000..418c056
--- /dev/null
+++ b/.werks/6217
@@ -0,0 +1,12 @@
+Title: mgmt_ipmi_sensors: Fix wrong state for IPMI Sensor warnings
+Level: 1
+Component: checks
+Compatible: compat
+Edition: cre
+Version: 1.6.0i1
+Date: 1535636520
+Class: fix
+
+Previously IPMI Sensors have been mapped to CRIT when they where
+above the "non-critical" but below the "critical" threshold.
+This as been fixed to WARN.
diff --git a/checks/ipmi_sensors.include b/checks/ipmi_sensors.include
index 9930d54..7b36483 100644
--- a/checks/ipmi_sensors.include
+++ b/checks/ipmi_sensors.include
@@ -189,8 +189,17 @@ def inventory_freeipmi(parsed):
def freeipmi_status_txt_mapping(status_txt):
if status_txt is None:
return 3
- elif status_txt in [
- "OK", "Entity Present", "battery presence detected",
+
+ state = {"ok": 0,
+ "warning": 1,
+ "critical": 2, "failed": 2,
+ "unknown": 3,
+ }.get(status_txt.lower())
+ if state is not None:
+ return state
+
+ if status_txt in [
+ "Entity Present", "battery presence detected",
"Drive Presence", "transition to Running", "Device Enabled",
"System full operational, working", "System Restart",
] or \
Module: check_mk
Branch: master
Commit: 489f235273865a05dfd0ee12c825575ddb6ef20b
URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=489f235273865a…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Thu Aug 30 16:47:31 2018 +0200
6516 SEC Fixed stored XSS using alert handler config
A user with permission to the alert handler administration could use an alert rule to
store arbitrary javascript code which would then be executed in the context of the browser
of another user with permission to the alert handler administration when viewing the list
of alert handlers.
Change-Id: Iac9e1891ea9a0166f7347d6e7349c3f610b190e6
---
.werks/6516 | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/.werks/6516 b/.werks/6516
new file mode 100644
index 0000000..ecbabc5
--- /dev/null
+++ b/.werks/6516
@@ -0,0 +1,14 @@
+Title: Fixed stored XSS using alert handler config
+Level: 1
+Component: alerts
+Class: security
+Compatible: compat
+Edition: cee
+State: unknown
+Version: 1.6.0i1
+Date: 1535639159
+
+A user with permission to the alert handler administration could use an alert rule to
+store arbitrary javascript code which would then be executed in the context of the browser
+of another user with permission to the alert handler administration when viewing the list
+of alert handlers.
Module: check_mk
Branch: master
Commit: 392b3da42ecede93621bc7048f8710231f896d5a
URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=392b3da42ecede…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Wed Aug 29 07:47:52 2018 +0200
6509 Pasting with automatic text splitting in list of input elements
When a dialog is using a self extending list of input elements, like e.g. the
host- and service input fields at the bottom of the "hosts & service parameters"
rule editor, a text can be pasted into the last input field which is then split
by ";" separators. Each of the resulting parts is then added to a dedicated input
field. This is only active for the last (empty) input field.
This makes it a lot easier to populate such dialogs with a longer list of items.
Change-Id: I66c5901f41a1db064e4686bf33d32dcd643efc1d
---
.werks/6509 | 16 +++++++
cmk/gui/valuespec.py | 26 +++++++----
web/htdocs/js/checkmk.js | 112 ++++++++++++++++++++++++++++++++---------------
3 files changed, 110 insertions(+), 44 deletions(-)
diff --git a/.werks/6509 b/.werks/6509
new file mode 100644
index 0000000..b991362
--- /dev/null
+++ b/.werks/6509
@@ -0,0 +1,16 @@
+Title: Pasting with automatic text splitting in list of input elements
+Level: 2
+Component: multisite
+Compatible: compat
+Edition: cre
+Version: 1.6.0i1
+Date: 1535521285
+Class: feature
+
+When a dialog is using a self extending list of input elements, like e.g. the
+host- and service input fields at the bottom of the "hosts & service parameters"
+rule editor, a text can be pasted into the last input field which is then split
+by ";" separators. Each of the resulting parts is then added to a dedicated input
+field. This is only active for the last (empty) input field.
+
+This makes it a lot easier to populate such dialogs with a longer list of items.
diff --git a/cmk/gui/valuespec.py b/cmk/gui/valuespec.py
index 4c550c0..858c463 100644
--- a/cmk/gui/valuespec.py
+++ b/cmk/gui/valuespec.py
@@ -1080,17 +1080,23 @@ class ListOfStrings(ValueSpec):
self._max_entries = kwargs.get("max_entries")
self._separator = kwargs.get("separator", "") # in case of float
+ self._split_on_paste = kwargs.get("split_on_paste", True)
+ self._split_separators = kwargs.get("split_separators", ";")
+
def help(self):
- help_text = ValueSpec.help(self)
+ help_texts = [
+ ValueSpec.help(self),
+ self._valuespec.help(),
+ ]
- field_help = self._valuespec.help()
- if help_text and field_help:
- return help_text + " " + field_help
- elif field_help:
- return field_help
- else:
- return help_text
+ if self._split_on_paste:
+ help_texts.append(_("You may paste a text from your clipboard which contains several "
+ "parts separated by \"%s\" characters into the last input field. The text will "
+ "then be split by these separators and the single parts are added into dedicated "
+ "input fields.") % self._split_separators)
+
+ return " ".join([ t for t in help_texts if t ])
def render_input(self, varprefix, value):
@@ -1123,7 +1129,9 @@ class ListOfStrings(ValueSpec):
html.close_div()
html.div('', style="clear:left;")
html.help(self.help())
- html.javascript("list_of_strings_init('%s');" % varprefix)
+ html.javascript("list_of_strings_init(%s, %s, %s);" %
+ (json.dumps(varprefix), json.dumps(self._split_on_paste),
+ json.dumps(self._split_separators)))
def canonical_value(self):
return []
diff --git a/web/htdocs/js/checkmk.js b/web/htdocs/js/checkmk.js
index c18a388..6a781c4 100644
--- a/web/htdocs/js/checkmk.js
+++ b/web/htdocs/js/checkmk.js
@@ -2004,63 +2004,105 @@ function valuespec_toggle_dropdownn(oDropdown, divid) {
has been rendered. It attaches the onFocus-function to the last
of the input elements. That function will append another
input field as soon as the user focusses the last field. */
-function list_of_strings_init(divid) {
- var oContainer = document.getElementById(divid);
- var oDivChildren = oContainer.getElementsByTagName("div");
- var oLastChild = oDivChildren[oDivChildren.length-1];
- list_of_strings_add_focus(oLastChild);
-}
-
-function list_of_strings_add_focus(oLastChild) {
- /* look for <input> in last child node and attach focus handler to it. */
- var input = oLastChild.getElementsByTagName("input");
- if (input.length == 1) {
- var handler_func = function(e) {
- if (this.value != "") {
- return list_of_strings_extend(this);
+function list_of_strings_init(divid, split_on_paste, split_separators) {
+ var container = document.getElementById(divid);
+ var children = container.getElementsByTagName("div");
+ var last_input = children[children.length-1].getElementsByTagName("input")[0];
+ list_of_strings_add_event_handlers(last_input, split_on_paste, split_separators);
+}
+
+function list_of_strings_add_event_handlers(input, split_on_paste, split_separators) {
+ var handler_func = function(e) {
+ if (this.value != "") {
+ return list_of_strings_extend(this, split_on_paste, split_separators);
+ }
+ };
+
+ input.onfocus = handler_func;
+ input.oninput = handler_func;
+
+ if (split_on_paste) {
+ input.onpaste = function(e) {
+ // Get pasted data via clipboard API
+ var clipboard_data = e.clipboardData || window.clipboardData;
+ var pasted = clipboard_data.getData('Text');
+
+ if (this.value != "")
+ return true; // The field had a value before: Don't do custom stuff
+
+ // When pasting a string, trim separators and then split by the given separators
+ var stripped = pasted.replace(new RegExp("^["+split_separators+"]+|["+split_separators+"]+$", "g"), "");
+ if (stripped == "")
+ return true; // Only separators in clipboard: Don't do custom stuff
+ var splitted = stripped.split(new RegExp("["+split_separators+"]+"));
+
+ // Add splitted parts to the input fields
+ var last_input = this;
+ for (var i = 0; i < splitted.length; i++) {
+ // Put the first item to the current field
+ if (i != 0)
+ last_input = list_of_strings_add_new_field(last_input);
+
+ last_input.value = splitted[i];
}
- };
- input[0].onfocus = handler_func;
- input[0].oninput = handler_func;
+ // Focus the last populated field
+ last_input.focus();
+
+ // And finally add a new empty field to the end (with attached handlers)
+ list_of_strings_extend(last_input, split_on_paste, split_separators);
+
+ // Stop original data actually being pasted
+ return prevent_default_events(e);
+ };
}
}
+function list_of_strings_remove_event_handlers(input) {
+ input.oninput = null;
+ input.onfocus = null;
+ input.onpaste = null;
+}
+
/* Is called when the last input field in a ListOfString gets focus.
In that case a new input field is being appended. */
-function list_of_strings_extend(oInput, j) {
+function list_of_strings_extend(input, split_on_paste, split_separators) {
+ var new_input = list_of_strings_add_new_field(input);
+ /* Move focus function from old last to new last input field */
+ list_of_strings_add_event_handlers(new_input, split_on_paste, split_separators);
+ list_of_strings_remove_event_handlers(input);
+}
+
+
+function list_of_strings_add_new_field(input) {
/* The input field has a unique name like "extra_emails_2" for the field with
the index 2. We need to convert this into "extra_emails_3". */
- var oldName = oInput.name;
- var splitted = oldName.split("_");
+ var old_name = input.name;
+ var splitted = old_name.split("_");
var num = 1 + parseInt(splitted[splitted.length-1]);
splitted[splitted.length-1] = "" + num;
- var newName = splitted.join("_");
+ var new_name = splitted.join("_");
/* Now create a new <div> element as a copy from the current one and
replace this name. We do this by simply copying the HTML code. The
last field is always empty. Remember: ListOfStrings() always renders
one exceeding empty element. */
- var oDiv = oInput.parentNode;
- while (oDiv.parentNode.classList && !oDiv.parentNode.classList.contains("listofstrings"))
- oDiv = oDiv.parentNode;
- var oContainer = oDiv.parentNode;
+ var div = input.parentNode;
+ while (div.parentNode.classList && !div.parentNode.classList.contains("listofstrings"))
+ div = div.parentNode;
+ var container = div.parentNode;
- var oNewDiv = document.createElement("DIV");
- oNewDiv.innerHTML = oDiv.innerHTML.replace('"' + oldName + '"', '"' + newName + '"');
+ var new_div = document.createElement("DIV");
+ new_div.innerHTML = div.innerHTML.replace('"' + old_name + '"', '"' + new_name + '"');
// IE7 does not have quotes in innerHTML, trying to workaround this here.
- oNewDiv.innerHTML = oNewDiv.innerHTML.replace('=' + oldName + ' ', '=' + newName + ' ');
- oNewDiv.innerHTML = oNewDiv.innerHTML.replace('=' + oldName + '>', '=' + newName + '>');
- oContainer.appendChild(oNewDiv);
-
- /* Move focus function from old last to new last input field */
- list_of_strings_add_focus(oNewDiv);
+ new_div.innerHTML = new_div.innerHTML.replace('=' + old_name + ' ', '=' + new_name + ' ');
+ new_div.innerHTML = new_div.innerHTML.replace('=' + old_name + '>', '=' + new_name + '>');
+ container.appendChild(new_div);
- oInput.oninput = null;
- oInput.onfocus = null;
+ return new_div.getElementsByTagName("input")[0];
}
function valuespec_cascading_change(oSelect, varprefix, count) {
Module: check_mk
Branch: master
Commit: 56b059ad1c99ba08a2bc964b51453ecd14ad15ee
URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=56b059ad1c99ba…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Wed Aug 29 16:48:04 2018 +0200
6453 FIX LDAP: Users with non-ASCII characters in uid could be created incorrectly
When LDAP users with non-ASCII characters in their user ID are not created by the
LDAP sync but during first login, the user data set was stored in a wrong way
(wrong encoded user ID). This could lead to exceptions when the user tried to
login or when an admin tried to work with the user database.
Change-Id: Iea9ba97ec3146435640341e469cc93226fcfce41
---
.werks/6453 | 14 ++++++++++++++
cmk/gui/plugins/userdb/ldap_connector.py | 2 +-
cmk/gui/userdb.py | 8 ++++++++
3 files changed, 23 insertions(+), 1 deletion(-)
diff --git a/.werks/6453 b/.werks/6453
new file mode 100644
index 0000000..2b1558f
--- /dev/null
+++ b/.werks/6453
@@ -0,0 +1,14 @@
+Title: LDAP: Users with non-ASCII characters in uid could be created incorrectly
+Level: 1
+Component: multisite
+Class: fix
+Compatible: compat
+Edition: cre
+State: unknown
+Version: 1.6.0i1
+Date: 1535275947
+
+When LDAP users with non-ASCII characters in their user ID are not created by the
+LDAP sync but during first login, the user data set was stored in a wrong way
+(wrong encoded user ID). This could lead to exceptions when the user tried to
+login or when an admin tried to work with the user database.
diff --git a/cmk/gui/plugins/userdb/ldap_connector.py b/cmk/gui/plugins/userdb/ldap_connector.py
index ffa0d47..bed2629 100644
--- a/cmk/gui/plugins/userdb/ldap_connector.py
+++ b/cmk/gui/plugins/userdb/ldap_connector.py
@@ -957,7 +957,7 @@ class LDAPUserConnector(UserConnector):
# authentication which should be rebound again after trying this.
try:
self.bind(user_dn, password)
- result = user_id.encode('utf-8')
+ result = user_id
except:
self._logger.exception(" Exception during authentication (User: %s)", user_id)
result = False
diff --git a/cmk/gui/userdb.py b/cmk/gui/userdb.py
index f63b282..108e01b 100644
--- a/cmk/gui/userdb.py
+++ b/cmk/gui/userdb.py
@@ -586,6 +586,10 @@ def load_users(lock = False):
# will be added later as normal users.
result = {}
for id, user in users.items():
+ # Transform user IDs which were stored with a wrong type
+ if isinstance(id, str):
+ id = id.decode("utf-8")
+
profile = contacts.get(id, {})
profile.update(user)
result[id] = profile
@@ -598,6 +602,10 @@ def load_users(lock = False):
# contacts.mk manually. But we want to support that as
# far as possible.
for id, contact in contacts.items():
+ # Transform user IDs which were stored with a wrong type
+ if isinstance(id, str):
+ id = id.decode("utf-8")
+
if id not in result:
result[id] = contact
result[id]["roles"] = [ "user" ]