def show_crash_dump_message(crash: 'GUICrashReport', plain_text: bool, fail_silently: bool) -> None:
"""Create a crash dump from a GUI exception and display a message to the user"""
title = _("Internal error")
message = u"%s: %s<br>\n<br>\n" % (title, crash.crash_info["exc_value"])
# Do not reveal crash context information to unauthenticated users or not permitted
# users to prevent disclosure of internal information
if not config.user.may("general.see_crash_reports"):
message += _("An internal error occurred while processing your request. "
"You can report this issue to your Checkmk administrator. "
"Detailed information can be found on the crash report page "
"or in <tt>var/log/web.log</tt>.")
else:
crash_url = html.makeuri(
[
("site", config.omd_site()),
("crash_id", crash.ident_to_text()),
],
filename="crash.py",
)
message += _("An internal error occured while processing your request. "
"You can report this issue to the Checkmk team to help "
"fixing this issue. Please open the <a href=\"%s\">crash report page</a> "
"and use the form for reporting the problem.") % crash_url
if plain_text:
html.set_output_format("text")
html.write("%s\n" % escaping.strip_tags(message))
return
if fail_silently:
return
html.header(title)
html.show_error(message)
html.footer()
def do_log_ack(site, host_name, file_name):
sites.live().set_auth_domain("action")
logs_to_ack = []
if not host_name and not file_name: # all logs on all hosts
for this_site, this_host, logs in all_logs():
for int_filename in logs:
file_display = form_file_to_ext(int_filename)
logs_to_ack.append((this_site, this_host, int_filename, file_display))
elif host_name and not file_name: # all logs on one host
for int_filename in logfiles_of_host(site, host_name):
file_display = form_file_to_ext(int_filename)
logs_to_ack.append((site, host_name, int_filename, file_display))
elif host_name and file_name: # one log on one host
int_filename = form_file_to_int(file_name)
logs_to_ack = [(site, host_name, int_filename, form_file_to_ext(int_filename))]
else:
for this_site, this_host, logs in all_logs():
file_display = form_file_to_ext(file_name)
if file_name in logs:
logs_to_ack.append((this_site, this_host, file_name, file_display))
ack_msg = _get_ack_msg(host_name, file_name)
ack = request.var("_ack")
if not user.may("general.act"):
html.h1(_("Permission denied"), class_=["error"])
html.div(_("You are not allowed to acknowledge %s") % ack_msg, class_=["error"])
html.footer()
return
# filter invalid values
if ack != "1":
raise MKUserError("_ack", _("Invalid value for ack parameter."))
for this_site, this_host, int_filename, display_name in logs_to_ack:
try:
acknowledge_logfile(this_site, this_host, int_filename, display_name)
except Exception as e:
html.show_error(
_("The log file <tt>%s</tt> of host <tt>%s</tt> could not be deleted: %s.")
% (display_name, this_host, e)
)
html.footer()
return
html.show_message(
"<b>%s</b><p>%s</p>"
% (_("Acknowledged %s") % ack_msg, _("Acknowledged all messages in %s.") % ack_msg)
)
html.footer()
def page_graph():
host = html.request.get_str_input_mandatory("host")
service = html.request.get_str_input_mandatory("service")
dsname = html.request.get_str_input_mandatory("dsname")
html.header(_("Prediction for %s - %s - %s") % (host, service, dsname))
# Get current value from perf_data via Livestatus
current_value = get_current_perfdata(host, service, dsname)
pred_dir = prediction.predictions_dir(host, service, dsname)
if not os.path.exists(pred_dir):
raise MKGeneralException(
_("There is currently no prediction information "
"available for this service."))
# Load all prediction information, sort by time of generation
tg_name = html.request.var("timegroup")
timegroup = None
timegroups = [] # type: List[prediction.PredictionInfo]
now = time.time()
for f in os.listdir(pred_dir):
if not f.endswith(".info"):
continue
tg_info = prediction.retrieve_data_for_prediction(
pred_dir + "/" + f,
"<unknown>" if timegroup is None else timegroup)
if tg_info is None:
continue
tg_info["name"] = f[:-5]
timegroups.append(tg_info)
if tg_info["name"] == tg_name or (
tg_name is None and
(tg_info["range"][0] <= now <= tg_info["range"][1])):
timegroup = tg_info
tg_name = tg_info["name"]
timegroups.sort(key=lambda x: x["range"][0])
choices = [(tg_info_["name"], tg_info_["name"].title())
for tg_info_ in timegroups]
if not timegroup:
if not timegroups:
raise MKGeneralException(_("Missing prediction information."))
timegroup = timegroups[0]
tg_name = choices[0][0]
if tg_name is None:
raise Exception("should not happen")
html.begin_form("prediction")
html.write(_("Show prediction for "))
html.dropdown("timegroup",
choices,
deflt=tg_name,
onchange="document.prediction.submit();")
html.hidden_fields()
html.end_form()
# Get prediction data
path = pred_dir + "/" + timegroup["name"]
tg_data = prediction.retrieve_data_for_prediction(path, tg_name)
if tg_data is None:
raise MKGeneralException(_("Missing prediction data."))
swapped = swap_and_compute_levels(tg_data, timegroup['params'])
vertical_range = compute_vertical_range(swapped)
legend = [
("#000000", _("Reference")),
("#ffffff", _("OK area")),
("#ffff00", _("Warning area")),
("#ff0000", _("Critical area")),
]
if current_value is not None:
legend.append(("#0000ff", _("Current value: %.2f") % current_value))
create_graph(timegroup["name"], graph_size, timegroup["range"],
vertical_range, legend)
if "levels_upper" in timegroup['params']:
render_dual_area(swapped["upper_warn"], swapped["upper_crit"],
"#fff000", 0.4)
render_area_reverse(swapped["upper_crit"], "#ff0000", 0.1)
if "levels_lower" in timegroup['params']:
render_dual_area(swapped["lower_crit"], swapped["lower_warn"],
"#fff000", 0.4)
render_area(swapped["lower_crit"], "#ff0000", 0.1)
vscala_low = vertical_range[0]
vscala_high = vertical_range[1]
vert_scala = compute_vertical_scala(vscala_low, vscala_high)
time_scala = [[timegroup["range"][0] + i * 3600,
"%02d:00" % i] for i in range(0, 25, 2)]
render_coordinates(vert_scala, time_scala)
if "levels_lower" in timegroup['params']:
render_dual_area(swapped["average"], swapped["lower_warn"], "#ffffff",
0.5)
render_curve(swapped["lower_warn"], "#e0e000", square=True)
render_curve(swapped["lower_crit"], "#f0b0a0", square=True)
if "levels_upper" in timegroup['params']:
render_dual_area(swapped["upper_warn"], swapped["average"], "#ffffff",
0.5)
render_curve(swapped["upper_warn"], "#e0e000", square=True)
render_curve(swapped["upper_crit"], "#f0b0b0", square=True)
render_curve(swapped["average"], "#000000")
render_curve(swapped["average"], "#000000") # repetition makes line bolder
# Try to get current RRD data and render it also
from_time, until_time = timegroup["range"]
now = time.time()
if from_time <= now <= until_time:
timeseries = prediction.get_rrd_data(host, service, dsname, "MAX",
from_time, until_time)
rrd_data = timeseries.values
render_curve(rrd_data, "#0000ff", 2)
if current_value is not None:
rel_time = (now - prediction.timezone_at(now)) % timegroup["slice"]
render_point(timegroup["range"][0] + rel_time, current_value,
"#0000ff")
html.footer()
def user_profile_async_replication_page() -> None:
sites = list(config.user.authorized_login_sites().keys())
user_profile_async_replication_dialog(sites=sites)
html.footer()
def page_list(cls):
cls.load()
# custom_columns = []
# render_custom_buttons = None
# render_custom_columns = None
# render_custom_context_buttons = None
# check_deletable_handler = None
cls.need_overriding_permission("edit")
html.header(cls.phrase("title_plural"))
html.begin_context_buttons()
html.context_button(cls.phrase("new"), cls.create_url(), "new_" + cls.type_name())
# TODO: Remove this legacy code as soon as views, dashboards and reports have been
# moved to pagetypes.py
html.context_button(_("Views"), "edit_views.py", "view")
html.context_button(_("Dashboards"), "edit_dashboards.py", "dashboard")
def has_reporting():
try:
# The suppression below is OK, we just want to check if the module is there.
import cmk.gui.cee.reporting # noqa: F401 # pylint: disable=unused-variable,redefined-outer-name
return True
except ImportError:
return False
if has_reporting():
html.context_button(_("Reports"), "edit_reports.py", "report")
# ## if render_custom_context_buttons:
# ## render_custom_context_buttons()
for other_type_name, other_pagetype in page_types.items():
if cls.type_name() != other_type_name:
html.context_button(
other_pagetype.phrase("title_plural").title(), '%ss.py' % other_type_name,
other_type_name)
html.end_context_buttons()
# Deletion
delname = html.request.var("_delete")
if delname and html.transaction_valid():
owner = UserId(html.request.get_unicode_input_mandatory('_owner', config.user.id))
try:
instance = cls.instance((owner, delname))
except KeyError:
raise MKUserError(
"_delete",
_("The %s you are trying to delete "
"does not exist.") % cls.phrase("title"))
if not instance.may_delete():
raise MKUserError("_delete", _("You are not permitted to perform this action."))
try:
if owner != config.user.id:
owned_by = _(" (owned by %s)") % owner
else:
owned_by = ""
c = html.confirm(
_("Please confirm the deletion of \"%s\"%s.") % (instance.title(), owned_by))
if c:
cls.remove_instance((owner, delname))
cls.save_user_instances(owner)
html.reload_sidebar()
elif c is False:
html.footer()
return
except MKUserError as e:
html.user_error(e)
# Bulk delete
if html.request.var("_bulk_delete_my") and html.transaction_valid():
if cls._bulk_delete_after_confirm("my") is False:
html.footer()
return
elif html.request.var("_bulk_delete_foreign") and html.transaction_valid():
if cls._bulk_delete_after_confirm("foreign") is False:
html.footer()
return
my_instances, foreign_instances, builtin_instances = cls.get_instances()
for what, title, instances in [
("my", _('Customized'), my_instances),
("foreign", _('Owned by other users'), foreign_instances),
("builtin", _('Builtin'), builtin_instances),
]:
if not instances:
continue
html.open_h3()
html.write(title)
html.close_h3()
if what != "builtin":
html.begin_form("bulk_delete_%s" % what, method="POST")
with table_element(limit=None) as table:
for instance in instances:
table.row()
if what != "builtin" and instance.may_delete():
table.cell(html.render_input(
"_toggle_group",
type_="button",
class_="checkgroup",
onclick="cmk.selection.toggle_all_rows(this.form);",
value='X'),
sortable=False,
css="checkbox")
html.checkbox("_c_%s+%s+%s" % (what, instance.owner(), instance.name()))
# Actions
table.cell(_('Actions'), css='buttons visuals')
# View
if isinstance(instance, PageRenderer):
html.icon_button(instance.page_url(), _("View"), "new_" + cls.type_name())
# Clone / Customize
html.icon_button(instance.clone_url(), _("Create a customized copy of this"),
"clone")
# Delete
if instance.may_delete():
html.icon_button(instance.delete_url(), _("Delete!"), "delete")
# Edit
if instance.may_edit():
html.icon_button(instance.edit_url(), _("Edit"), "edit")
cls.custom_list_buttons(instance)
# Internal ID of instance (we call that 'name')
table.cell(_('ID'), instance.name(), css="narrow")
# Title
table.cell(_('Title'))
html.write_text(instance.render_title())
html.help(_u(instance.description()))
# Custom columns specific to that page type
instance.render_extra_columns(table)
# ## for title, renderer in custom_columns:
# ## table.cell(title, renderer(visual))
# Owner
if instance.is_builtin():
ownertxt = html.render_i(_("builtin"))
else:
ownertxt = instance.owner()
table.cell(_('Owner'), ownertxt)
table.cell(_('Public'), _("yes") if instance.is_public() else _("no"))
table.cell(_('Hidden'), _("yes") if instance.is_hidden() else _("no"))
# FIXME: WTF?!?
# TODO: Haeeh? Another custom columns
# ## if render_custom_columns:
# ## render_custom_columns(visual_name, visual)
if what != "builtin":
html.button("_bulk_delete_%s" % what,
_("Bulk delete"),
"submit",
style="margin-top:10px")
html.hidden_fields()
html.end_form()
html.footer()
return
def _show_form(self, profile_changed: bool) -> None:
assert config.user.id is not None
users = userdb.load_users()
breadcrumb = make_simple_page_breadcrumb(MegaMenuUser,
self._page_title())
html.header(self._page_title(), breadcrumb)
change_reason = html.request.get_ascii_input('reason')
if change_reason == 'expired':
html.p(
_('Your password is too old, you need to choose a new password.'
))
elif change_reason == 'enforced':
html.p(
_('You are required to change your password before proceeding.'
))
if profile_changed:
html.show_message(_("Your password has been changed."))
if change_reason:
raise HTTPRedirect(
html.request.get_str_input_mandatory(
'_origtarget', 'index.py'))
if html.has_user_errors():
html.show_user_errors()
user = users.get(config.user.id)
if user is None:
html.show_warning(_("Sorry, your user account does not exist."))
html.footer()
return
locked_attributes = userdb.locked_attributes(user.get('connector'))
if "password" in locked_attributes:
raise MKUserError(
"cur_password",
_("You can not change your password, because it is "
"managed by another system."))
html.begin_form("profile", method="POST")
html.prevent_password_auto_completion()
html.open_div(class_="wato")
forms.header(self._page_title())
forms.section(_("Current Password"))
html.password_input('cur_password', autocomplete="new-password")
forms.section(_("New Password"))
html.password_input('password', autocomplete="new-password")
forms.section(_("New Password Confirmation"))
html.password_input('password2', autocomplete="new-password")
forms.end()
html.button("_save", _("Save"))
html.close_div()
html.hidden_fields()
html.end_form()
html.footer()
def user_profile_async_replication_page(back_url: str) -> None:
sites = list(user.authorized_login_sites().keys())
user_profile_async_replication_dialog(sites=sites, back_url=back_url)
html.footer()
def do_log_ack(site, host_name, file_name):
logs_to_ack = []
if not host_name and not file_name: # all logs on all hosts
for this_site, this_host, logs in all_logs():
for int_filename in logs:
file_display = form_file_to_ext(int_filename)
logs_to_ack.append(
(this_site, this_host, int_filename, file_display))
ack_msg = _('all logfiles on all hosts')
elif host_name and not file_name: # all logs on one host
for int_filename in logfiles_of_host(site, host_name):
file_display = form_file_to_ext(int_filename)
logs_to_ack.append((site, host_name, int_filename, file_display))
ack_msg = _('all logfiles of host %s') % host_name
elif host_name and file_name: # one log on one host
int_filename = form_file_to_int(file_name)
logs_to_ack = [(site, host_name, int_filename,
form_file_to_ext(int_filename))]
ack_msg = _('the log file %s on host %s') % (file_name, host_name)
else:
for this_site, this_host, logs in all_logs():
file_display = form_file_to_ext(file_name)
if file_name in logs:
logs_to_ack.append(
(this_site, this_host, file_name, file_display))
ack_msg = _('log file %s on all hosts') % file_name
title = _("Acknowledge %s") % html.render_text(ack_msg)
if host_name:
breadcrumb = make_host_breadcrumb(host_name)
else:
breadcrumb = make_simple_page_breadcrumb(MegaMenuMonitoring, title)
html.header(title, breadcrumb)
html.begin_context_buttons()
button_all_logfiles()
if host_name:
html.context_button(_("All Logfiles of Host"),
html.makeuri([('file', '')]))
if host_name and file_name:
html.context_button(_("Back to Logfile"), html.makeuri([]))
html.end_context_buttons()
ack = html.request.var('_ack')
if not html.confirm(
_("Do you really want to acknowledge %s by <b>deleting</b> all stored messages?"
) % ack_msg):
html.footer()
return
if not config.user.may("general.act"):
html.h1(_('Permission denied'), class_=["error"])
html.div(_('You are not allowed to acknowledge %s') % ack_msg,
class_=["error"])
html.footer()
return
# filter invalid values
if ack != '1':
raise MKUserError('_ack', _('Invalid value for ack parameter.'))
for this_site, this_host, int_filename, display_name in logs_to_ack:
try:
acknowledge_logfile(this_site, this_host, int_filename,
display_name)
except Exception as e:
html.show_error(
_('The log file <tt>%s</tt> of host <tt>%s</tt> could not be deleted: %s.'
) % (display_name, this_host, e))
html.footer()
return
html.show_message('<b>%s</b><p>%s</p>' %
(_('Acknowledged %s') % ack_msg,
_('Acknowledged all messages in %s.') % ack_msg))
html.footer()
def _show_page_user_profile(change_pw):
start_async_replication = False
if not config.user.id:
raise MKUserError(None, _('Not logged in.'))
if not config.user.may('general.edit_profile') and not config.user.may(
'general.change_password'):
raise MKAuthException(
_("You are not allowed to edit your user profile."))
if not config.wato_enabled:
raise MKAuthException(
_('User profiles can not be edited (WATO is disabled).'))
success = None
if html.request.has_var('_save') and html.check_transaction():
users = userdb.load_users(lock=True)
try:
# Profile edit (user options like language etc.)
if config.user.may('general.edit_profile'):
if not change_pw:
set_lang = html.get_checkbox('_set_lang')
language = html.request.var('language')
# Set the users language if requested
if set_lang:
if language == '':
language = None
# Set custom language
users[config.user.id]['language'] = language
config.user.language = language
html.set_language_cookie(language)
else:
# Remove the customized language
if 'language' in users[config.user.id]:
del users[config.user.id]['language']
config.user.reset_language()
# load the new language
cmk.gui.i18n.localize(config.user.language)
user = users.get(config.user.id)
if config.user.may('general.edit_notifications'
) and user.get("notifications_enabled"):
value = forms.get_input(
watolib.get_vs_flexible_notifications(),
"notification_method")
users[config.user.id]["notification_method"] = value
# Custom attributes
if config.user.may('general.edit_user_attributes'):
for name, attr in userdb.get_user_attributes():
if attr.user_editable():
if not attr.permission() or config.user.may(
attr.permission()):
vs = attr.valuespec()
value = vs.from_html_vars('ua_' + name)
vs.validate_value(value, "ua_" + name)
users[config.user.id][name] = value
# Change the password if requested
password_changed = False
if config.user.may('general.change_password'):
cur_password = html.request.var('cur_password')
password = html.request.var('password')
password2 = html.request.var('password2', '')
if change_pw:
# Force change pw mode
if not cur_password:
raise MKUserError(
"cur_password",
_("You need to provide your current password."))
if not password:
raise MKUserError(
"password", _("You need to change your password."))
if cur_password == password:
raise MKUserError(
"password",
_("The new password must differ from your current one."
))
if cur_password and password:
if userdb.hook_login(config.user.id,
cur_password) is False:
raise MKUserError("cur_password",
_("Your old password is wrong."))
if password2 and password != password2:
raise MKUserError(
"password2",
_("The both new passwords do not match."))
watolib.verify_password_policy(password)
users[config.user.id]['password'] = hash_password(password)
users[config.user.id]['last_pw_change'] = int(time.time())
if change_pw:
# Has been changed, remove enforcement flag
del users[config.user.id]['enforce_pw_change']
# Increase serial to invalidate old cookies
if 'serial' not in users[config.user.id]:
users[config.user.id]['serial'] = 1
else:
users[config.user.id]['serial'] += 1
password_changed = True
# Now, if in distributed environment where users can login to remote sites,
# set the trigger for pushing the new auth information to the slave sites
# asynchronous
if config.user.authorized_login_sites():
start_async_replication = True
userdb.save_users(users)
if password_changed:
# Set the new cookie to prevent logout for the current user
login.set_auth_cookie(config.user.id)
success = True
except MKUserError as e:
html.add_user_error(e.varname, e)
else:
users = userdb.load_users()
watolib.init_wato_datastructures(with_wato_lock=True)
# When in distributed setup, display the replication dialog instead of the normal
# profile edit dialog after changing the password.
if start_async_replication:
user_profile_async_replication_page()
return
if change_pw:
title = _("Change Password")
else:
title = _("Edit User Profile")
html.header(title)
# Rule based notifications: The user currently cannot simply call the according
# WATO module due to WATO permission issues. So we cannot show this button
# right now.
if not change_pw:
rulebased_notifications = watolib.load_configuration_settings().get(
"enable_rulebased_notifications")
if rulebased_notifications and config.user.may(
'general.edit_notifications'):
html.begin_context_buttons()
url = "wato.py?mode=user_notifications_p"
html.context_button(_("Notifications"), url, "notifications")
html.end_context_buttons()
else:
reason = html.request.var('reason')
if reason == 'expired':
html.p(
_('Your password is too old, you need to choose a new password.'
))
else:
html.p(
_('You are required to change your password before proceeding.'
))
if success:
html.reload_sidebar()
if change_pw:
html.show_message(_("Your password has been changed."))
raise HTTPRedirect(html.request.var('_origtarget', 'index.py'))
else:
html.show_message(_("Successfully updated user profile."))
# Ensure theme changes are applied without additional user interaction
html.immediate_browser_redirect(0.5, html.makeuri([]))
if html.has_user_errors():
html.show_user_errors()
user = users.get(config.user.id)
if user is None:
html.show_warning(_("Sorry, your user account does not exist."))
html.footer()
return
# Returns true if an attribute is locked and should be read only. Is only
# checked when modifying an existing user
locked_attributes = userdb.locked_attributes(user.get('connector'))
def is_locked(attr):
return attr in locked_attributes
html.begin_form("profile", method="POST")
html.prevent_password_auto_completion()
html.open_div(class_="wato")
forms.header(_("Personal Settings"))
if not change_pw:
forms.section(_("Name"), simple=True)
html.write_text(user.get("alias", config.user.id))
if config.user.may(
'general.change_password') and not is_locked('password'):
forms.section(_("Current Password"))
html.password_input('cur_password', autocomplete="new-password")
forms.section(_("New Password"))
html.password_input('password', autocomplete="new-password")
forms.section(_("New Password Confirmation"))
html.password_input('password2', autocomplete="new-password")
if not change_pw and config.user.may('general.edit_profile'):
select_language(user)
# Let the user configure how he wants to be notified
if not rulebased_notifications \
and config.user.may('general.edit_notifications') \
and user.get("notifications_enabled"):
forms.section(_("Notifications"))
html.help(
_("Here you can configure how you want to be notified about host and service problems and "
"other monitoring events."))
watolib.get_vs_flexible_notifications().render_input(
"notification_method", user.get("notification_method"))
if config.user.may('general.edit_user_attributes'):
for name, attr in userdb.get_user_attributes():
if attr.user_editable():
vs = attr.valuespec()
forms.section(_u(vs.title()))
value = user.get(name, vs.default_value())
if not attr.permission() or config.user.may(
attr.permission()):
vs.render_input("ua_" + name, value)
html.help(_u(vs.help()))
else:
html.write(vs.value_to_text(value))
# Save button
forms.end()
html.button("_save", _("Save"))
html.close_div()
html.hidden_fields()
html.end_form()
html.footer()
def _show_login_page(self) -> None:
html.set_render_headfoot(False)
html.add_body_css_class("login")
html.header(get_page_heading(), Breadcrumb(), javascripts=[])
default_origtarget = ("index.py" if requested_file_name(request)
in ["login", "logout"] else makeuri(request, []))
origtarget = request.get_url_input("_origtarget", default_origtarget)
# Never allow the login page to be opened in the iframe. Redirect top page to login page.
# This will result in a full screen login page.
html.javascript("""if(top != self) {
window.top.location.href = location;
}""")
# When someone calls the login page directly and is already authed redirect to main page
if requested_file_name(request) == "login" and _check_auth(request):
raise HTTPRedirect(origtarget)
html.open_div(id_="login")
html.open_div(id_="login_window")
html.open_a(href="https://checkmk.com")
html.img(
src=theme.detect_icon_path(icon_name="logo", prefix="mk-"),
id_="logo",
class_="custom" if theme.has_custom_logo() else None,
)
html.close_a()
html.begin_form("login",
method="POST",
add_transid=False,
action="login.py")
html.hidden_field("_login", "1")
html.hidden_field("_origtarget", origtarget)
html.label("%s:" % _("Username"),
id_="label_user",
class_=["legend"],
for_="_username")
html.br()
html.text_input("_username", id_="input_user")
html.label("%s:" % _("Password"),
id_="label_pass",
class_=["legend"],
for_="_password")
html.br()
html.password_input("_password", id_="input_pass", size=None)
if user_errors:
html.open_div(id_="login_error")
html.show_user_errors()
html.close_div()
html.open_div(id_="button_text")
html.button("_login", _("Login"), cssclass="hot")
html.close_div()
html.close_div()
html.open_div(id_="foot")
if config.login_screen.get("login_message"):
html.open_div(id_="login_message")
html.show_message(config.login_screen["login_message"])
html.close_div()
footer: List[HTML] = []
for title, url, target in config.login_screen.get("footer_links", []):
footer.append(html.render_a(title, href=url, target=target))
if "hide_version" not in config.login_screen:
footer.append(escape_html("Version: %s" % cmk_version.__version__))
footer.append(
HTML("© %s" % html.render_a(
"tribe29 GmbH", href="https://tribe29.com", target="_blank")))
html.write_html(HTML(" - ").join(footer))
if cmk_version.is_raw_edition():
html.br()
html.br()
html.write_text(
_('You can use, modify and distribute Check_MK under the terms of the <a href="%s" target="_blank">'
"GNU GPL Version 2</a>.") % "https://checkmk.com/gpl.html")
html.close_div()
html.set_focus("_username")
html.hidden_fields()
html.end_form()
html.close_div()
html.footer()
def page_crashed(what):
# Do not reveal crash context information to unauthenticated users or not permitted
# users to prevent disclosure of internal information
if not config.user.may("general.see_crash_reports"):
html.header(_("Internal error"))
html.show_error("<b>%s:</b> %s" %
(_("Internal error"), sys.exc_info()[1]))
html.p(
_("An internal error occurred while processing your request. "
"You can report this issue to your Check_MK administrator. "
"Detailed information can be found in <tt>var/log/web.log</tt>.")
)
html.footer()
return
if what == "check":
site = html.request.var("site")
host = html.request.var("host")
service = html.request.var("service")
tardata = get_crash_report_archive_as_string(site, host, service)
else:
tardata = create_gui_crash_report(what)
info = get_crash_info(tardata)
if what == "check":
title = _("Crashed Check Reporting")
else:
title = _("Internal error")
html.header(title)
show_context_buttons(what, tardata)
if html.request.has_var("_report") and html.check_transaction():
details = handle_report_form(tardata, what)
else:
details = {}
if what == "gui":
# Unify different string types from exception messages to a unicode string
exc_value = sys.exc_info()[1]
try:
exc_txt = unicode(exc_value)
except UnicodeDecodeError:
exc_txt = str(exc_value).decode("utf-8")
html.show_error("<b>%s:</b> %s" % (_("Internal error"), exc_txt))
html.p(
_("An internal error occured while processing your request. "
"You can report this issue to the Check_MK team to help "
"fixing this issue. Please use the form below for reporting."))
if info:
warn_about_local_files(info)
show_report_form(what, details)
show_crash_report(info)
show_crash_report_details(info)
else:
report_url = html.makeuri(
[("subject", "Check_MK Crash Report - " + get_version(what))],
filename="mailto:" + get_crash_report_target(what))
html.message(
_("This crash report is in a legacy format and can not be submitted "
"automatically. Please download it manually and send it to <a href=\"%s\">%s</a>"
) % (report_url, get_crash_report_target(what)))
show_old_dump_trace(tardata)
show_agent_output(tardata)
html.footer()
def wato_html_footer(*args, **kwargs):
if not _html_head_open:
return
html.close_div()
html.footer(*args, **kwargs)
def _show_form(self, profile_changed: bool) -> None:
assert config.user.id is not None
users = userdb.load_users()
breadcrumb = make_simple_page_breadcrumb(MegaMenuUser,
self._page_title())
html.header(self._page_title(), breadcrumb)
self._show_context_buttons()
if profile_changed:
html.reload_sidebar()
html.show_message(_("Successfully updated user profile."))
# Ensure theme changes are applied without additional user interaction
html.immediate_browser_redirect(0.5, html.makeuri([]))
if html.has_user_errors():
html.show_user_errors()
user = users.get(config.user.id)
if user is None:
html.show_warning(_("Sorry, your user account does not exist."))
html.footer()
return
html.begin_form("profile", method="POST")
html.prevent_password_auto_completion()
html.open_div(class_="wato")
forms.header(self._page_title())
forms.section(_("Name"), simple=True)
html.write_text(user.get("alias", config.user.id))
select_language(user)
# Let the user configure how he wants to be notified
rulebased_notifications = rulebased_notifications_enabled()
if (not rulebased_notifications
and config.user.may('general.edit_notifications')
and user.get("notifications_enabled")):
forms.section(_("Notifications"))
html.help(
_("Here you can configure how you want to be notified about host and service problems and "
"other monitoring events."))
watolib.get_vs_flexible_notifications().render_input(
"notification_method", user.get("notification_method"))
if config.user.may('general.edit_user_attributes'):
for name, attr in userdb.get_user_attributes():
if attr.user_editable():
vs = attr.valuespec()
forms.section(_u(vs.title()))
value = user.get(name, vs.default_value())
if not attr.permission() or config.user.may(
attr.permission()):
vs.render_input("ua_" + name, value)
html.help(_u(vs.help()))
else:
html.write(vs.value_to_text(value))
forms.end()
html.button("_save", _("Save"))
html.close_div()
html.hidden_fields()
html.end_form()
html.footer()
class UserLoginTwoFactor(Page):
def page(self) -> None:
assert user.id is not None
html.set_render_headfoot(False)
html.add_body_css_class("login")
html.add_body_css_class("two_factor")
html.header(_("Two-factor authentication"),
Breadcrumb(),
javascripts=[])
html.open_div(id_="login")
html.open_div(id_="login_window")
html.open_a(href="https://checkmk.com")
html.img(
src=theme.detect_icon_path(icon_name="logo", prefix="mk-"),
id_="logo",
class_="custom" if theme.has_custom_logo() else None,
)
html.close_a()
if not is_two_factor_login_enabled(user.id):
raise MKGeneralException(
_("Two-factor authentication not enabled"))
html.begin_form("two_factor_login",
method="POST",
add_transid=False,
action="user_login_two_factor.py")
html.prevent_password_auto_completion()
html.hidden_field(
"_origtarget", origtarget :=
request.get_url_input("_origtarget", "index.py"))
if backup_code := request.get_ascii_input("_backup_code"):
if is_two_factor_backup_code_valid(user.id, backup_code):
set_two_factor_completed()
raise HTTPRedirect(origtarget)
html.label(
_("Two-factor authentication"),
for_="webauthn_message",
id_="label_2fa",
class_="legend",
)
html.div("", id_="webauthn_message")
with foldable_container(
treename="webauthn_backup_codes",
id_="backup_container",
isopen=False,
title=_("Use backup code"),
indent=False,
save_state=False,
):
html.label(
"%s:" % _("Backup code"),
id_="label_pass",
class_=["legend"],
for_="_backup_code",
)
html.br()
html.password_input("_backup_code", id_="input_pass", size=None)
html.open_div(id_="button_text")
html.button("_use_backup_code",
_("Use backup code"),
cssclass="hot")
html.close_div()
html.close_div()
if user_errors:
html.open_div(id_="login_error")
html.show_user_errors()
html.close_div()
html.javascript("cmk.webauthn.login()")
html.hidden_fields()
html.end_form()
html.close_div()
html.footer()
def page_version():
html.header(_("Release notes"), _release_notes_breadcrumb())
load_werks()
handle_acknowledgement()
render_werks_table()
html.footer()
def show_file(site, host_name, file_name):
int_filename = form_file_to_int(file_name)
title = _("Logfiles of Host %s: %s") % (host_name, int_filename)
breadcrumb = _show_file_breadcrumb(host_name, title)
html.header(
title, breadcrumb,
_show_file_page_menu(breadcrumb, site, host_name, int_filename))
if request.has_var("_ack") and not request.var("_do_actions") == _("No"):
do_log_ack(site, host_name, file_name)
return
try:
log_chunks = parse_file(site,
host_name,
int_filename,
hidecontext=request.var("_hidecontext",
"no") == "yes")
except Exception as e:
if config.debug:
raise
html.show_error(_("Unable to show logfile: <b>%s</b>") % e)
html.footer()
return
if log_chunks is None:
html.show_error(_("The logfile does not exist on site."))
html.footer()
return
if log_chunks == []:
html.show_message(
_("This logfile contains no unacknowledged messages."))
html.footer()
return
html.open_div(id_="logwatch")
for log in log_chunks:
html.open_table(class_="groupheader")
html.open_tr()
html.td(form_level(log["level"]), class_=form_level(log["level"]))
html.td(form_datetime(log["datetime"]), class_="date")
html.close_tr()
html.close_table()
html.open_table(class_=["section"])
for line in log["lines"]:
html.open_tr(class_=line["class"])
html.open_td(class_="lines")
html.icon_button(
analyse_url(site, host_name, int_filename, line["line"]),
_("Analyze this line"),
"analyze",
)
html.write_text(line["line"].replace(" ", " ").replace(
"\1", "<br>"))
html.close_td()
html.close_tr()
html.close_table()
html.close_div()
html.footer()
def page_graph():
host = html.request.get_str_input_mandatory("host")
service = html.request.get_str_input_mandatory("service")
dsname = html.request.get_str_input_mandatory("dsname")
breadcrumb = make_service_breadcrumb(host, service)
html.header(
_("Prediction for %s - %s - %s") % (host, service, dsname), breadcrumb)
# Get current value from perf_data via Livestatus
current_value = get_current_perfdata(host, service, dsname)
pred_dir = prediction.predictions_dir(host, service, dsname)
(tg_name, timegroup), choices = _load_prediction_information(
tg_name=html.request.var("timegroup"),
pred_dir=pred_dir,
)
html.begin_form("prediction")
html.write(_("Show prediction for "))
html.dropdown("timegroup",
choices,
deflt=tg_name,
onchange="document.prediction.submit();")
html.hidden_fields()
html.end_form()
# Get prediction data
path = pred_dir + "/" + tg_name
tg_data = prediction.retrieve_data_for_prediction(path, tg_name)
if tg_data is None:
raise MKGeneralException(_("Missing prediction data."))
swapped = swap_and_compute_levels(tg_data, timegroup['params'])
vertical_range = compute_vertical_range(swapped)
legend = [
("#000000", _("Reference")),
("#ffffff", _("OK area")),
("#ffff00", _("Warning area")),
("#ff0000", _("Critical area")),
]
if current_value is not None:
legend.append(("#0000ff", _("Current value: %.2f") % current_value))
create_graph(tg_name, graph_size, timegroup["range"], vertical_range,
legend)
if "levels_upper" in timegroup['params']:
render_dual_area(swapped["upper_warn"], swapped["upper_crit"],
"#fff000", 0.4)
render_area_reverse(swapped["upper_crit"], "#ff0000", 0.1)
if "levels_lower" in timegroup['params']:
render_dual_area(swapped["lower_crit"], swapped["lower_warn"],
"#fff000", 0.4)
render_area(swapped["lower_crit"], "#ff0000", 0.1)
vscala_low = vertical_range[0]
vscala_high = vertical_range[1]
vert_scala = compute_vertical_scala(vscala_low, vscala_high)
time_scala = [[timegroup["range"][0] + i * 3600,
"%02d:00" % i] for i in range(0, 25, 2)]
render_coordinates(vert_scala, time_scala)
if "levels_lower" in timegroup['params']:
render_dual_area(swapped["average"], swapped["lower_warn"], "#ffffff",
0.5)
render_curve(swapped["lower_warn"], "#e0e000", square=True)
render_curve(swapped["lower_crit"], "#f0b0a0", square=True)
if "levels_upper" in timegroup['params']:
render_dual_area(swapped["upper_warn"], swapped["average"], "#ffffff",
0.5)
render_curve(swapped["upper_warn"], "#e0e000", square=True)
render_curve(swapped["upper_crit"], "#f0b0b0", square=True)
render_curve(swapped["average"], "#000000")
render_curve(swapped["average"], "#000000") # repetition makes line bolder
# Try to get current RRD data and render it also
from_time, until_time = timegroup["range"]
now = time.time()
if from_time <= now <= until_time:
timeseries = prediction.get_rrd_data(host, service, dsname, "MAX",
from_time, until_time)
rrd_data = timeseries.values
render_curve(rrd_data, "#0000ff", 2)
if current_value is not None:
rel_time = (now - prediction.timezone_at(now)) % timegroup["slice"]
render_point(timegroup["range"][0] + rel_time, current_value,
"#0000ff")
html.footer()
def show_file(site, host_name, file_name):
int_filename = form_file_to_int(file_name)
title = _("Logfiles of Host %s: %s") % (host_name, file_name)
html.header(title, make_host_breadcrumb(host_name))
html.begin_context_buttons()
html.context_button(_("Services"), services_url(site, host_name),
'services')
html.context_button(_("All Logfiles of Host"),
html.makeuri([('file', '')]))
button_all_logfiles()
html.context_button(_("Analyze patterns"),
analyse_url(site, host_name, file_name), 'analyze')
if html.request.var('_hidecontext', 'no') == 'yes':
hide_context_label = _('Show Context')
hide_context_param = 'no'
hide = True
else:
hide_context_label = _('Hide Context')
hide_context_param = 'yes'
hide = False
try:
log_chunks = parse_file(site, host_name, int_filename, hide)
except Exception as e:
if config.debug:
raise
html.end_context_buttons()
html.show_error(_("Unable to show logfile: <b>%s</b>") % e)
html.footer()
return
if log_chunks is None:
html.end_context_buttons()
html.show_error(_("The logfile does not exist."))
html.footer()
return
if log_chunks == []:
html.end_context_buttons()
html.show_message(
_("This logfile contains no unacknowledged messages."))
html.footer()
return
ack_button(site, host_name, int_filename)
html.context_button(hide_context_label,
html.makeuri([('_hidecontext', hide_context_param)]))
html.end_context_buttons()
html.open_div(id_="logwatch")
for log in log_chunks:
html.open_div(class_=["chunk"])
html.open_table(class_=["section"])
html.open_tr()
html.td(form_level(log['level']), class_=form_level(log['level']))
html.td(form_datetime(log['datetime']), class_="date")
html.close_tr()
html.close_table()
for line in log['lines']:
html.open_p(class_=line['class'])
html.icon_button(
analyse_url(site, host_name, file_name, line['line']),
_("Analyze this line"), "analyze")
html.write_text(line['line'].replace(" ", " ").replace(
"\1", "<br>"))
html.close_p()
html.close_div()
html.close_div()
html.footer()
def wato_html_footer(show_footer: bool = True, show_body_end: bool = True) -> None:
if not _html_head_open:
return
html.close_div()
html.footer(show_footer, show_body_end)
def page_version():
html.header(_("Checkmk %s Release Notes") % cmk_version.__version__)
load_werks()
handle_acknowledgement()
render_werks_table()
html.footer()
def page_edit(cls):
back_url = html.get_url_input("back", cls.list_url())
cls.load()
cls.need_overriding_permission("edit")
# Three possible modes:
# "create" -> create completely new page
# "clone" -> like new, but prefill form with values from existing page
# "edit" -> edit existing page
mode = html.request.var('mode', 'edit')
if mode == "create":
title = cls.phrase("create")
page_dict = {
"name": cls.default_name(),
"topic": cls.default_topic(),
}
else:
# Load existing page. visual from disk - and create a copy if 'load_user' is set
page_name = html.request.var("load_name")
if mode == "edit":
title = cls.phrase("edit")
owner_user_id = UserId(
html.request.get_unicode_input_mandatory("owner", config.user.id))
if owner_user_id == config.user.id:
page = cls.find_my_page(page_name)
else:
page = cls.find_foreign_page(owner_user_id, page_name)
if page is None:
raise MKUserError(None,
_("The requested %s does not exist") % cls.phrase("title"))
# TODO FIXME: Looks like a hack
cls.remove_instance((owner_user_id, page_name)) # will be added later again
else: # clone
title = cls.phrase("clone")
load_user = html.request.get_unicode_input(
"load_user") # FIXME: Change varname to "owner"
try:
page = cls.instance((load_user, page_name))
except KeyError:
raise MKUserError(None,
_("The requested %s does not exist") % cls.phrase("title"))
page_dict = page.internal_representation()
html.header(title)
html.begin_context_buttons()
html.context_button(_("Back"), back_url, "back")
html.end_context_buttons()
parameters, keys_by_topic = cls._collect_parameters(mode)
vs = Dictionary(
title=_("General Properties"),
render='form',
optional_keys=False,
elements=parameters,
headers=keys_by_topic,
)
def validate(page_dict):
owner_user_id = UserId(html.request.get_unicode_input_mandatory(
"owner", config.user.id))
page_name = page_dict["name"]
if owner_user_id == config.user.id:
page = cls.find_my_page(page_name)
else:
page = cls.find_foreign_page(owner_user_id, page_name)
if page:
raise MKUserError(
"_p_name",
_("You already have an element with the ID <b>%s</b>") % page_dict["name"])
new_page_dict = forms.edit_valuespec(vs,
page_dict,
validate=validate,
focus="_p_title",
method="POST")
if new_page_dict is not None:
# Take over keys from previous value that are specific to the page type
# and not edited here.
if mode in ("edit", "clone"):
for key, value in page_dict.items():
new_page_dict.setdefault(key, value)
owner = UserId(html.request.get_unicode_input_mandatory("owner", config.user.id))
new_page_dict["owner"] = owner
new_page = cls(new_page_dict)
cls.add_page(new_page)
cls.save_user_instances(owner)
if mode == "create":
redirect_url = new_page.after_create_url() or back_url
else:
redirect_url = back_url
html.immediate_browser_redirect(0.5, redirect_url)
html.show_message(_('Your changes haven been saved.'))
# Reload sidebar.TODO: This code logically belongs to PageRenderer. How
# can we simply move it there?
# TODO: This is not true for all cases. e.g. the BookmarkList is not
# of type PageRenderer but has a dedicated sidebar snapin. Maybe
# the best option would be to make a dedicated method to decide whether
# or not to reload the sidebar.
if new_page_dict.get("hidden") in [ None, False ] \
or new_page_dict.get("hidden") != page_dict.get("hidden"):
html.reload_sidebar()
else:
html.show_localization_hint()
html.footer()
return
def _show_login_page(self) -> None:
html.set_render_headfoot(False)
html.add_body_css_class("login")
html.header(config.get_page_heading(), Breadcrumb(), javascripts=[])
default_origtarget = ("index.py" if html.myfile in ["login", "logout"]
else makeuri(global_request, []))
origtarget = html.get_url_input("_origtarget", default_origtarget)
# Never allow the login page to be opened in the iframe. Redirect top page to login page.
# This will result in a full screen login page.
html.javascript('''if(top != self) {
window.top.location.href = location;
}''')
# When someone calls the login page directly and is already authed redirect to main page
if html.myfile == 'login' and _check_auth(html.request):
raise HTTPRedirect(origtarget)
html.open_div(id_="login")
html.open_div(id_="login_window")
html.div("" if "hide_version" in config.login_screen else
cmk_version.__version__,
id_="version")
html.begin_form("login",
method='POST',
add_transid=False,
action='login.py')
html.hidden_field('_login', '1')
html.hidden_field('_origtarget', origtarget)
html.label("%s:" % _('Username'),
id_="label_user",
class_=["legend"],
for_="_username")
html.br()
html.text_input("_username", id_="input_user")
html.label("%s:" % _('Password'),
id_="label_pass",
class_=["legend"],
for_="_password")
html.br()
html.password_input("_password", id_="input_pass", size=None)
if html.has_user_errors():
html.open_div(id_="login_error")
html.show_user_errors()
html.close_div()
html.open_div(id_="button_text")
html.button("_login", _('Login'))
html.close_div()
html.close_div()
html.open_div(id_="foot")
if config.login_screen.get("login_message"):
html.open_div(id_="login_message")
html.show_message(config.login_screen["login_message"])
html.close_div()
footer: List[Union[HTML, str]] = []
for title, url, target in config.login_screen.get("footer_links", []):
footer.append(html.render_a(title, href=url, target=target))
if "hide_version" not in config.login_screen:
footer.append("Version: %s" % cmk_version.__version__)
footer.append("© %s" % html.render_a(
"tribe29 GmbH", href="https://checkmk.com", target="_blank"))
html.write(HTML(" - ").join(footer))
if cmk_version.is_raw_edition():
html.br()
html.br()
html.write(
_('You can use, modify and distribute Check_MK under the terms of the <a href="%s" target="_blank">'
'GNU GPL Version 2</a>.') % "https://checkmk.com/gpl.html")
html.close_div()
html.set_focus('_username')
html.hidden_fields()
html.end_form()
html.close_div()
html.footer()
def do_log_ack(site, host_name, file_name):
sites.live().set_auth_domain('action')
logs_to_ack = []
if not host_name and not file_name: # all logs on all hosts
for this_site, this_host, logs in all_logs():
for int_filename in logs:
file_display = form_file_to_ext(int_filename)
logs_to_ack.append(
(this_site, this_host, int_filename, file_display))
ack_msg = _('all logfiles on all hosts')
elif host_name and not file_name: # all logs on one host
for int_filename in logfiles_of_host(site, host_name):
file_display = form_file_to_ext(int_filename)
logs_to_ack.append((site, host_name, int_filename, file_display))
ack_msg = _('all logfiles of host %s') % host_name
elif host_name and file_name: # one log on one host
int_filename = form_file_to_int(file_name)
logs_to_ack = [(site, host_name, int_filename,
form_file_to_ext(int_filename))]
ack_msg = _('the log file %s on host %s') % (file_name, host_name)
else:
for this_site, this_host, logs in all_logs():
file_display = form_file_to_ext(file_name)
if file_name in logs:
logs_to_ack.append(
(this_site, this_host, file_name, file_display))
ack_msg = _('log file %s on all hosts') % file_name
ack = html.request.var('_ack')
if not html.confirm(
_("Do you really want to acknowledge %s by <b>deleting</b> all stored messages?"
) % ack_msg):
html.footer()
return
if not config.user.may("general.act"):
html.h1(_('Permission denied'), class_=["error"])
html.div(_('You are not allowed to acknowledge %s') % ack_msg,
class_=["error"])
html.footer()
return
# filter invalid values
if ack != '1':
raise MKUserError('_ack', _('Invalid value for ack parameter.'))
for this_site, this_host, int_filename, display_name in logs_to_ack:
try:
acknowledge_logfile(this_site, this_host, int_filename,
display_name)
except Exception as e:
html.show_error(
_('The log file <tt>%s</tt> of host <tt>%s</tt> could not be deleted: %s.'
) % (display_name, this_host, e))
html.footer()
return
html.show_message('<b>%s</b><p>%s</p>' %
(_('Acknowledged %s') % ack_msg,
_('Acknowledged all messages in %s.') % ack_msg))
html.footer()