protected function GetAttachmentsPosition() { return MetaModel::GetModuleSetting('itop-attachments', 'position', 'relations'); }
public function DisplayAttachments($oObject, WebPage $oPage, $bEditMode = false) { // Exit here if the class is not allowed if (!$this->IsTargetObject($oObject)) { return; } $oSearch = DBObjectSearch::FromOQL("SELECT Attachment WHERE item_class = :class AND item_id = :item_id"); $oSet = new DBObjectSet($oSearch, array(), array('class' => get_class($oObject), 'item_id' => $oObject->GetKey())); if ($this->GetAttachmentsPosition() == 'relations') { $sTitle = $oSet->Count() > 0 ? Dict::Format('Attachments:TabTitle_Count', $oSet->Count()) : Dict::S('Attachments:EmptyTabTitle'); $oPage->SetCurrentTab($sTitle); } $oPage->add_style(<<<EOF .attachment { \tdisplay: inline-block; \ttext-align:center; \tfloat:left; \tpadding:5px;\t } .attachment:hover { \tbackground-color: #e0e0e0; } .attachment img { \tborder: 0; } .attachment a { \ttext-decoration: none; \tcolor: #1C94C4; } .btn_hidden { \tdisplay: none; } .drag_in { \t-webkit-box-shadow:inset 0 0 10px 2px #1C94C4; \tbox-shadow:inset 0 0 10px 2px #1C94C4; } #history .attachment-history-added { \tpadding: 0; \tfloat: none; } EOF ); $oPage->add('<fieldset>'); $oPage->add('<legend>' . Dict::S('Attachments:FieldsetTitle') . '</legend>'); if ($bEditMode) { $sIsDeleteEnabled = $this->m_bDeleteEnabled ? 'true' : 'false'; $iTransactionId = $oPage->GetTransactionId(); $sClass = get_class($oObject); $sTempId = session_id() . '_' . $iTransactionId; $sDeleteBtn = Dict::S('Attachments:DeleteBtn'); $oPage->add_script(<<<EOF \tfunction RemoveAttachment(att_id) \t{ \t\t\$('#attachment_'+att_id).attr('name', 'removed_attachments[]'); \t\t\$('#display_attachment_'+att_id).hide(); \t\t\$('#attachment_plugin').trigger('remove_attachment', [att_id]); \t\treturn false; // Do not submit the form ! \t} EOF ); $oPage->add('<span id="attachments">'); while ($oAttachment = $oSet->Fetch()) { $iAttId = $oAttachment->GetKey(); $oDoc = $oAttachment->Get('contents'); $sFileName = $oDoc->GetFileName(); $sIcon = utils::GetAbsoluteUrlAppRoot() . AttachmentPlugIn::GetFileIcon($sFileName); $sPreview = $oDoc->IsPreviewAvailable() ? 'true' : 'false'; $sDownloadLink = utils::GetAbsoluteUrlAppRoot() . 'pages/ajax.render.php?operation=download_document&class=Attachment&id=' . $iAttId . '&field=contents'; $oPage->add('<div class="attachment" id="display_attachment_' . $iAttId . '"><a data-preview="' . $sPreview . '" href="' . $sDownloadLink . '"><img src="' . $sIcon . '"><br/>' . $sFileName . '<input id="attachment_' . $iAttId . '" type="hidden" name="attachments[]" value="' . $iAttId . '"/></a><br/> <input id="btn_remove_' . $iAttId . '" type="button" class="btn_hidden" value="Delete" onClick="RemoveAttachment(' . $iAttId . ');"/> </div>'); } // Suggested attachments are listed here but treated as temporary $aDefault = utils::ReadParam('default', array(), false, 'raw_data'); if (array_key_exists('suggested_attachments', $aDefault)) { $sSuggestedAttachements = $aDefault['suggested_attachments']; if (is_array($sSuggestedAttachements)) { $sSuggestedAttachements = implode(',', $sSuggestedAttachements); } $oSearch = DBObjectSearch::FromOQL("SELECT Attachment WHERE id IN({$sSuggestedAttachements})"); $oSet = new DBObjectSet($oSearch, array()); if ($oSet->Count() > 0) { while ($oAttachment = $oSet->Fetch()) { // Mark the attachments as temporary attachments for the current object/form $oAttachment->Set('temp_id', $sTempId); $oAttachment->DBUpdate(); // Display them $iAttId = $oAttachment->GetKey(); $oDoc = $oAttachment->Get('contents'); $sFileName = $oDoc->GetFileName(); $sIcon = utils::GetAbsoluteUrlAppRoot() . AttachmentPlugIn::GetFileIcon($sFileName); $sDownloadLink = utils::GetAbsoluteUrlAppRoot() . 'pages/ajax.render.php?operation=download_document&class=Attachment&id=' . $iAttId . '&field=contents'; $sPreview = $oDoc->IsPreviewAvailable() ? 'true' : 'false'; $oPage->add('<div class="attachment" id="display_attachment_' . $iAttId . '"><a data-preview="' . $sPreview . '" href="' . $sDownloadLink . '"><img src="' . $sIcon . '"><br/>' . $sFileName . '<input id="attachment_' . $iAttId . '" type="hidden" name="attachments[]" value="' . $iAttId . '"/></a><br/> <input id="btn_remove_' . $iAttId . '" type="button" class="btn_hidden" value="Delete" onClick="RemoveAttachment(' . $iAttId . ');"/> </div>'); $oPage->add_ready_script("\$('#attachment_plugin').trigger('add_attachment', [{$iAttId}, '" . addslashes($sFileName) . "']);"); } } } $oPage->add('</span>'); $oPage->add('<div style="clear:both"></div>'); $sMaxUpload = $this->GetMaxUpload(); $oPage->p(Dict::S('Attachments:AddAttachment') . '<input type="file" name="file" id="file"><span style="display:none;" id="attachment_loading"> <img src="../images/indicator.gif"></span> ' . $sMaxUpload); $oPage->add_linked_script(utils::GetAbsoluteUrlAppRoot() . 'js/jquery.iframe-transport.js'); $oPage->add_linked_script(utils::GetAbsoluteUrlAppRoot() . 'js/jquery.fileupload.js'); $oPage->add_ready_script(<<<EOF \$('#file').fileupload({ \t\turl: GetAbsoluteUrlModulesRoot()+'itop-attachments/ajax.attachment.php', \t\tformData: { operation: 'add', temp_id: '{$sTempId}', obj_class: '{$sClass}' }, dataType: 'json', \t\tpasteZone: null, // Don't accept files via Chrome's copy/paste done: function (e, data) { \t\t\tif(typeof(data.result.error) != 'undefined') \t\t\t{ \t\t\t\tif(data.result.error != '') \t\t\t\t{ \t\t\t\t\talert(data.result.error); \t\t\t\t} \t\t\t\telse \t\t\t\t{ \t\t\t\t\tvar sDownloadLink = GetAbsoluteUrlAppRoot()+'pages/ajax.render.php?operation=download_document&class=Attachment&id='+data.result.att_id+'&field=contents'; \t\t\t\t\t\$('#attachments').append('<div class="attachment" id="display_attachment_'+data.result.att_id+'"><a data-preview="'+data.result.preview+'" href="'+sDownloadLink+'"><img src="'+data.result.icon+'"><br/>'+data.result.msg+'<input id="attachment_'+data.result.att_id+'" type="hidden" name="attachments[]" value="'+data.result.att_id+'"/></a><br/><input type="button" class="btn_hidden" value="{$sDeleteBtn}" onClick="RemoveAttachment('+data.result.att_id+');"/></div>'); \t\t\t\t\tif({$sIsDeleteEnabled}) \t\t\t\t\t{ \t\t\t\t\t\t\$('#display_attachment_'+data.result.att_id).hover( function() { \$(this).children(':button').toggleClass('btn_hidden'); } ); \t\t\t\t\t} \t\t\t\t\t\$('#attachment_plugin').trigger('add_attachment', [data.result.att_id, data.result.msg]); \t\t\t\t} \t\t\t} }, start: function() { \t\$('#attachment_loading').show(); \t\t}, stop: function() { \t\$('#attachment_loading').hide(); \t\t} }); \t\$(document).bind('dragover', function (e) { \t\tvar bFiles = false; \t\tif (e.dataTransfer && e.dataTransfer.types) \t\t{ \t\t\tfor (var i = 0; i < e.dataTransfer.types.length; i++) \t\t\t{ \t\t\t\tif (e.dataTransfer.types[i] == "application/x-moz-nativeimage") \t\t\t\t{ \t\t\t\t\tbFiles = false; // mozilla contains "Files" in the types list when dragging images inside the page, but it also contains "application/x-moz-nativeimage" before \t\t\t\t\tbreak; \t\t\t\t} \t\t\t\t \t\t\t\tif (e.dataTransfer.types[i] == "Files") \t\t\t\t{ \t\t\t\t\tbFiles = true; \t\t\t\t\tbreak; \t\t\t\t} \t\t\t} \t\t} \t \t\tif (!bFiles) return; // Not dragging files \t\t \t\tvar dropZone = \$('#file').closest('fieldset'); \t\tif (!dropZone.is(':visible')) \t\t{ \t\t\t// Hidden, but inside an inactive tab? Higlight the tab \t\t\tvar sTabId = dropZone.closest('.ui-tabs-panel').attr('aria-labelledby'); \t\t\tdropZone = \$('#'+sTabId).closest('li'); \t\t} \t timeout = window.dropZoneTimeout; \t if (!timeout) { \t dropZone.addClass('drag_in'); \t } else { \t clearTimeout(timeout); \t } \t window.dropZoneTimeout = setTimeout(function () { \t window.dropZoneTimeout = null; \t dropZone.removeClass('drag_in'); \t }, 300); \t}); EOF ); $oPage->p('<span style="display:none;" id="attachment_loading">Loading, please wait...</span>'); $oPage->p('<input type="hidden" id="attachment_plugin" name="attachment_plugin"/>'); if ($this->m_bDeleteEnabled) { $oPage->add_ready_script('$(".attachment").hover( function() {$(this).children(":button").toggleClass("btn_hidden"); } );'); } } else { $oPage->add('<span id="attachments">'); if ($oSet->Count() == 0) { $oPage->add(Dict::S('Attachments:NoAttachment')); } else { while ($oAttachment = $oSet->Fetch()) { $iAttId = $oAttachment->GetKey(); $oDoc = $oAttachment->Get('contents'); $sFileName = $oDoc->GetFileName(); $sIcon = utils::GetAbsoluteUrlAppRoot() . AttachmentPlugIn::GetFileIcon($sFileName); $sPreview = $oDoc->IsPreviewAvailable() ? 'true' : 'false'; $sDownloadLink = utils::GetAbsoluteUrlAppRoot() . 'pages/ajax.render.php?operation=download_document&class=Attachment&id=' . $iAttId . '&field=contents'; $oPage->add('<div class="attachment" id="attachment_' . $iAttId . '"><a data-preview="' . $sPreview . '" href="' . $sDownloadLink . '"><img src="' . $sIcon . '"><br/>' . $sFileName . '</a><input type="hidden" name="attachments[]" value="' . $iAttId . '"/><br/> </div>'); } } $oPage->add('</span>'); } $oPage->add('</fieldset>'); $sPreviewNotAvailable = addslashes(Dict::S('Attachments:PreviewNotAvailable')); $iMaxWidth = MetaModel::GetModuleSetting('itop-attachments', 'preview_max_width', 290); $oPage->add_ready_script("\$(document).tooltip({ items: '.attachment a', position: { my: 'left top', at: 'right top', using: function( position, feedback ) { \$( this ).css( position ); }}, content: function() { if (\$(this).attr('data-preview') == 'true') { return('<img style=\"max-width:{$iMaxWidth}px\" src=\"'+\$(this).attr('href')+'\"></img>');} else { return '{$sPreviewNotAvailable}'; }}});"); }
foreach ($oIterator as $oNode) { if ($oNode instanceof DisplayableGroupNode) { $aGroups[] = $oNode->GetObjects(); $oNode->SetProperty('group_index', $iGroupIdx); $iGroupIdx++; } } $oP->AddTabContainer('Navigator'); $oP->SetCurrentTabContainer('Navigator'); $sFirstTab = MetaModel::GetConfig()->Get('impact_analysis_first_tab'); $sContextKey = "itop-config-mgmt/relation_context/{$sClass}/{$sRelation}/{$sDirection}"; // Check if the current object supports Attachments, similar to AttachmentPlugin::IsTargetObject $sClassForAttachment = null; $iIdForAttachment = null; if (class_exists('Attachment')) { $aAllowedClasses = MetaModel::GetModuleSetting('itop-attachments', 'allowed_classes', array('Ticket')); foreach ($aAllowedClasses as $sAllowedClass) { if ($oObj instanceof $sAllowedClass) { $iIdForAttachment = $id; $sClassForAttachment = $sClass; } } } // Display the tabs if ($sFirstTab == 'list') { DisplayNavigatorListTab($oP, $aResults, $sRelation, $oObj); $oP->SetCurrentTab(Dict::S('UI:RelationshipGraph')); $oDisplayGraph->Display($oP, $aResults, $sRelation, $oAppContext, array(), $sClassForAttachment, $iIdForAttachment, $sContextKey, array('this' => $oObj)); DisplayNavigatorGroupTab($oP, $aGroups, $sRelation, $oObj); } else { $oP->SetCurrentTab(Dict::S('UI:RelationshipGraph'));
/** * Check the user's password against the LDAP server * Algorithm: * 1) Connect to the LDAP server, using a predefined account (or anonymously) * 2) Search for the specified user, based on a specific search query/pattern * 3) If exactly one user is found, continue, otherwise return false (wrong user or wrong query configured) * 3) Bind again to LDAP using the DN of the found user and the password * 4) If the bind is successful return true, otherwise return false (wrong password) * @param string $sPassword The user's password to validate against the LDAP server * @return boolean True if the password is Ok, false otherwise */ public function CheckCredentials($sPassword) { $sLDAPHost = MetaModel::GetModuleSetting('authent-ldap', 'host', 'localhost'); $iLDAPPort = MetaModel::GetModuleSetting('authent-ldap', 'port', 389); $sDefaultLDAPUser = MetaModel::GetModuleSetting('authent-ldap', 'default_user', ''); $sDefaultLDAPPwd = MetaModel::GetModuleSetting('authent-ldap', 'default_pwd', ''); $hDS = @ldap_connect($sLDAPHost, $iLDAPPort); if ($hDS === false) { $this->LogMessage("ldap_authentication: can not connect to the LDAP server '{$sLDAPHost}' (port: {$iLDAPPort}). Check the configuration file config-itop.php."); return false; } $aOptions = MetaModel::GetModuleSetting('authent-ldap', 'options', array()); foreach ($aOptions as $name => $value) { ldap_set_option($hDS, $name, $value); } if ($bind = @ldap_bind($hDS, $sDefaultLDAPUser, $sDefaultLDAPPwd)) { // Search for the person, using the specified query expression $sLDAPUserQuery = MetaModel::GetModuleSetting('authent-ldap', 'user_query', ''); $sBaseDN = MetaModel::GetModuleSetting('authent-ldap', 'base_dn', ''); $sLogin = $this->Get('login'); $iContactId = $this->Get('contactid'); $sFirstName = ''; $sLastName = ''; $sEMail = ''; if ($iContactId > 0) { $oPerson = MetaModel::GetObject('Person', $iContactId); if (is_object($oPerson)) { $sFirstName = $oPerson->Get('first_name'); $sLastName = $oPerson->Get('name'); $sEMail = $oPerson->Get('email'); } } // %1$s => login // %2$s => first name // %3$s => last name // %4$s => email $sQuery = sprintf($sLDAPUserQuery, $sLogin, $sFirstName, $sLastName, $sEMail); $hSearchResult = @ldap_search($hDS, $sBaseDN, $sQuery); $iCountEntries = $hSearchResult !== false ? @ldap_count_entries($hDS, $hSearchResult) : 0; switch ($iCountEntries) { case 1: // Exactly one entry found, let's check the password by trying to bind with this user $aEntry = ldap_get_entries($hDS, $hSearchResult); $sUserDN = $aEntry[0]['dn']; $bUserBind = @ldap_bind($hDS, $sUserDN, $sPassword); if ($bUserBind !== false && !empty($sPassword)) { ldap_unbind($hDS); return true; // Password Ok } $this->LogMessage("ldap_authentication: wrong password for user: '******'."); return false; // Wrong password break; case 0: // User not found... $this->LogMessage("ldap_authentication: no entry found with the query '{$sQuery}', base_dn = '{$sBaseDN}'. User not found in LDAP."); break; default: // More than one entry... maybe the query is not specific enough... $this->LogMessage("ldap_authentication: several (" . ldap_count_entries($hDS, $hSearchResult) . ") entries match the query '{$sQuery}', base_dn = '{$sBaseDN}', check that the query defined in config-itop.php is specific enough."); } return false; } else { // Trace: invalid default user for LDAP initial binding $this->LogMessage("ldap_authentication: can not bind to the LDAP server '{$sLDAPHost}' (port: {$iLDAPPort}), user='******', pwd='{$sDefaultLDAPPwd}'. Error: '" . ldap_error($hDS) . "'. Check the configuration file config-itop.php."); return false; } }
protected function LogMessage($sMessage, $aData = array()) { if (MetaModel::GetModuleSetting('authent-ldap', 'debug', false) && MetaModel::IsLogEnabledIssue()) { if (MetaModel::IsValidClass('EventIssue')) { $oLog = new EventIssue(); $oLog->Set('message', $sMessage); $oLog->Set('userinfo', ''); $oLog->Set('issue', 'LDAP Authentication'); $oLog->Set('impact', 'User login rejected'); $oLog->Set('data', $aData); $oLog->DBInsertNoReload(); } IssueLog::Error($sMessage); } }