Example #1
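def page_index():
    """Write the frameset start page: a sidebar frame plus a main frame.

    The main frame URL is read from the ``start_url`` request variable and
    defaults to the user's ``start_url`` attribute or ``config.start_url``.
    The request value can be supplied through a crafted link, so it is only
    used when it is a plain site-relative URL; anything else falls back to
    the default. Heading and URL are attribute-encoded before being written.
    """
    default_start_url = config.user.get_attribute(
        "start_url") or config.start_url
    start_url = html.var("start_url", default_start_url).strip()

    # Text in front of the first "/", "?" or "#". A colon in there makes a
    # browser read the value as "<scheme>:...", which covers "javascript:"
    # in any letter case as well as every other scheme.
    leading_part = start_url
    for delimiter in "/?#":
        leading_part = leading_part.split(delimiter, 1)[0]

    is_site_relative = not (
        '://' in start_url  # absolute URL, possibly to a foreign host
        or start_url.startswith('//')  # scheme-relative URLs name a host too
        or '\\' in start_url  # browsers resolve "\" like "/"
        or ':' in leading_part
        # Browsers drop control characters from URLs, so what they load is
        # not what was checked above; refuse instead of guessing.
        or any(ord(char) < 0x20 for char in start_url)
    )
    if not is_site_relative:
        start_url = default_start_url

    if "%s" in config.page_heading:
        heading = config.page_heading % (config.site(config.omd_site()).get(
            'alias', _("Multisite")))
    else:
        heading = config.page_heading

    html.write(
        '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd">\n'
        '<html><head>\n')
    html.default_html_headers()
    html.write("""<title>%s</title>
</head>
<frameset cols="280,*" frameborder="0" framespacing="0" border="0">
    <frame src="side.py" name="side" noresize scrolling="no">
    <frame src="%s" name="main" noresize>
</frameset>
</html>
""" % (html.attrencode(heading), html.attrencode(start_url)))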
Example #2
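def page_index():
    """Write the frameset start page with the sidebar and the main frame.

    ``start_url`` comes from the request and falls back to the user's
    configured start URL, then to ``config.start_url``. Because the request
    value can arrive through a link someone else built, it is accepted only
    as a site-relative URL. Both substituted values are attribute-encoded.
    """
    default_start_url = config.user.get("start_url") or config.start_url
    start_url = html.var("start_url", default_start_url).strip()

    def leaves_site(url):
        """Return True if a browser could resolve *url* outside this site."""
        # Absolute and scheme-relative URLs both carry their own host.
        if '://' in url or url.startswith('//'):
            return True
        # Browsers treat "\" like "/" and silently drop control characters,
        # so neither is allowed to reach the frame's src attribute.
        if '\\' in url or any(ord(char) < 0x20 for char in url):
            return True
        # A colon before the first "/", "?" or "#" is read as a scheme.
        # This replaces the former case-sensitive "javascript:" prefix test,
        # which a differently-cased scheme name passed unchanged.
        head = url
        for delimiter in "/?#":
            head = head.split(delimiter, 1)[0]
        return ':' in head

    if leaves_site(start_url):
        start_url = default_start_url

    if "%s" in config.page_heading:
        heading = config.page_heading % (config.site(defaults.omd_site).get('alias', _("Multisite")))
    else:
        heading = config.page_heading

    html.write("""<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd">
<html>
<head>
 <title>%s</title>
 <meta http-equiv="X-UA-Compatible" content="IE=edge" />
 <link rel="shortcut icon" href="images/favicon.ico" type="image/ico">
</head>
<frameset cols="280,*" frameborder="0" framespacing="0" border="0">
    <frame src="side.py" name="side" noresize scrolling="no">
    <frame src="%s" name="main" noresize>
</frameset>
</html>
""" % (html.attrencode(heading), html.attrencode(start_url)))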
Example #3
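def page_index():
    """Write the frameset start page (sidebar frame and main frame).

    The main frame's ``src`` is the ``start_url`` request variable when that
    is a site-relative URL, otherwise the user's configured start URL or
    ``config.start_url``. Heading and URL are attribute-encoded on output.
    """
    default_start_url = config.user.get("start_url") or config.start_url
    start_url = html.var("start_url", default_start_url).strip()

    # Prevent redirecting to an absolute URL, which could be used to send
    # users to a foreign page. A scheme-relative "//host/..." value and a
    # value using "\" in place of "/" name a host just as well, so they are
    # refused together with "://".
    if '://' in start_url or start_url.startswith('//') or '\\' in start_url:
        start_url = default_start_url

    # Prevent "javascript:" and any other scheme: a colon in front of the
    # first "/", "?" or "#" is what makes a browser see a scheme at all.
    scheme_part = start_url
    for delimiter in "/?#":
        scheme_part = scheme_part.split(delimiter, 1)[0]
    if ':' in scheme_part:
        start_url = default_start_url

    # Control characters are dropped by browsers while resolving a URL, so
    # the checks above would be looking at different text than the browser.
    if any(ord(char) < 0x20 for char in start_url):
        start_url = default_start_url

    if "%s" in config.page_heading:
        heading = config.page_heading % (config.site(defaults.omd_site).get(
            'alias', _("Multisite")))
    else:
        heading = config.page_heading

    html.write(
        """<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd">
<html>
<head>
 <title>%s</title>
 <meta http-equiv="X-UA-Compatible" content="IE=edge" />
 <link rel="shortcut icon" href="images/favicon.ico" type="image/ico">
</head>
<frameset cols="280,*" frameborder="0" framespacing="0" border="0">
    <frame src="side.py" name="side" noresize scrolling="no">
    <frame src="%s" name="main" noresize>
</frameset>
</html>
""" % (html.attrencode(heading), html.attrencode(start_url)))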
Example #4
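def page_index():
    """Write the frameset start page and mark it as not cacheable.

    ``start_url`` is taken from the request and falls back to the user's
    configured start URL or ``config.start_url``. The request value and the
    heading end up inside HTML, so the URL is restricted to site-relative
    values and both are attribute-encoded before being written.
    """
    default_start_url = config.user.get("start_url") or config.start_url
    start_url = html.var("start_url", default_start_url).strip()

    # Prevent redirecting to an absolute URL, which could be used to send
    # users to a foreign page. "//host/..." and "\"-for-"/" spellings name a
    # host as well and are refused with it.
    if '://' in start_url or start_url.startswith('//') or '\\' in start_url:
        start_url = default_start_url

    # A colon before the first "/", "?" or "#" is read as a URL scheme
    # ("javascript:" in any letter case, and every other scheme).
    scheme_part = start_url
    for delimiter in "/?#":
        scheme_part = scheme_part.split(delimiter, 1)[0]
    if ':' in scheme_part or any(ord(char) < 0x20 for char in start_url):
        start_url = default_start_url

    # Do not cache the index page -> caching problems when page is accessed
    # while not logged in
    html.req.headers_out.add("Cache-Control", "no-cache")
    if "%s" in config.page_heading:
        heading = config.page_heading % (config.site(defaults.omd_site).get('alias', _("Multisite")))
    else:
        heading = config.page_heading

    # Both values are encoded: written raw, a quote or angle bracket in
    # start_url would end the src attribute and continue as markup.
    html.write("""<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd">
<html>
<head>
 <title>%s</title>
 <meta http-equiv="X-UA-Compatible" content="IE=edge" />
 <link rel="shortcut icon" href="images/favicon.ico" type="image/ico">
</head>
<frameset cols="280,*" frameborder="0" framespacing="0" border="0">
    <frame src="side.py" name="side" noresize scrolling="no">
    <frame src="%s" name="main" noresize>
</frameset>
</html>
""" % (html.attrencode(heading), html.attrencode(start_url)))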
Example #5
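def site_cookie_name(site_id=None):
    """Return the name of the auth cookie for a site.

    The name is ``auth`` followed by the directory part of the site's URL
    prefix with every "/" turned into "_". Without *site_id* the prefix is
    ``defaults.url_prefix``; otherwise it is read from the site's config.
    """
    if site_id:
        url_prefix = config.site(site_id)['url_prefix']
    else:
        url_prefix = defaults.url_prefix

    # Strip an eventually present "http://<host>" or "https://<host>". The
    # fixed offset of 7 used before only fitted "http://": an https prefix
    # kept its scheme and host, which put ":" into the cookie name.
    for scheme in ('http://', 'https://'):
        if url_prefix.startswith(scheme):
            host_and_path = url_prefix[len(scheme):]
            slash = host_and_path.find('/')
            # No "/" after the host means there is no path at all.
            url_prefix = host_and_path[slash:] if slash != -1 else ''
            break

    name = os.path.dirname(url_prefix).replace('/', '_')
    return 'auth%s' % name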
Example #6
def site_selector(html, htmlvar, enforce = True):
    """Render a sorted site dropdown for the HTML variable *htmlvar*.

    In a single-site setup the only choice is "(local)". In a multisite
    setup the choices are the sites whose status is "online"; unless
    *enforce* is set, an empty entry is offered first.
    """
    if config.is_multisite():
        choices = [] if enforce else [("", "")]
        # Only sites currently reported as online can be selected.
        choices.extend(
            (sitename, config.site(sitename)["alias"])
            for sitename, state in html.site_status.items()
            if state["state"] == "online")
    else:
        choices = [("", _("(local)"))]
    html.sorted_select(htmlvar, choices)
Example #7
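def site_cookie_name(site_id = None):
    """Build the auth cookie name for the local site or for *site_id*.

    Takes the site's URL prefix (``defaults.url_prefix`` when no *site_id*
    is given), drops a leading scheme and host, and returns ``auth`` plus
    the directory part of what is left with "/" replaced by "_".
    """
    if not site_id:
        url_prefix = defaults.url_prefix
    else:
        url_prefix = config.site(site_id)['url_prefix']

    # Strip an eventually present "http://<host>" or "https://<host>".
    # Slicing at a hard-coded 7 handled "http://" only, so an https prefix
    # went through with scheme and host and produced a name containing ":".
    if url_prefix.startswith(('http://', 'https://')):
        after_scheme = url_prefix.split('://', 1)[1]
        _host, slash, path = after_scheme.partition('/')
        url_prefix = slash + path

    name = os.path.dirname(url_prefix).replace('/', '_')
    return 'auth%s' % name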
Example #8
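def site_cookie_name(site_id=None):
    """Derive the auth cookie name from a site's URL prefix.

    Uses ``defaults.url_prefix`` when *site_id* is empty, otherwise the
    ``url_prefix`` entry of that site's configuration. The result is
    ``auth`` followed by the prefix's directory with "/" replaced by "_".
    """
    if not site_id:
        url_prefix = defaults.url_prefix
    else:
        url_prefix = config.site(site_id)["url_prefix"]

    # Strip an eventually present "http://<host>" or "https://<host>". The
    # scheme length is measured instead of assumed to be 7, because with
    # "https://" the old offset left scheme and host in the cookie name.
    scheme_end = url_prefix.find("://")
    if scheme_end != -1 and url_prefix[:scheme_end] in ("http", "https"):
        host_start = scheme_end + len("://")
        path_start = url_prefix.find("/", host_start)
        url_prefix = url_prefix[path_start:] if path_start != -1 else ""

    name = os.path.dirname(url_prefix).replace("/", "_")
    return "auth%s" % name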
Example #9
def connect_single_site():
    """Connect to the local site's livestatus socket and record its status.

    Stores the connection in the module-level ``_live``, initialises the
    site states with the single local site and marks it "online" using the
    versions and start time returned by a ``GET status`` query.
    """
    global _live
    socket_url = "unix:" + defaults.livestatus_unix_socket
    _live = livestatus.SingleSiteConnection(socket_url)
    _live.set_timeout(3) # default timeout is 3 seconds

    local_sites = {"": config.site("")}
    set_initial_site_states(local_sites, {})

    status_query = "GET status\nColumns: livestatus_version program_version program_start"
    livestatus_version, program_version, program_start = _live.query_row(status_query)

    local_status = {
        "state": "online",
        "livestatus_version": livestatus_version,
        "program_version": program_version,
        "program_start": program_start,
    }
    update_local_site_status(local_status)
Example #10
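def page_index():
    """Write the frameset start page: a sidebar frame plus a main frame.

    The main frame URL is the ``start_url`` request variable when it parses
    as a site-relative URL with a plain path; otherwise the user's
    ``start_url`` attribute or ``config.start_url`` is used. Only scheme,
    network location and path are validated here; query string and fragment
    pass through and rely on the attribute encoding done on output.
    """
    default_start_url = config.user.get_attribute(
        "start_url") or config.start_url
    start_url = html.var("start_url", default_start_url).strip()

    # Prevent redirecting to an absolute URL, which could be used to send
    # users to a foreign page, and prevent "javascript:" URLs, which could
    # be used to inject code.
    parsed = urlparse.urlparse(start_url)
    is_acceptable = (
        parsed.scheme == ""  # the user must not choose a URL scheme
        and parsed.netloc == ""  # ... nor a network location
        # Only plain characters in the path. The pattern ends in \Z because
        # "$" also matches in front of a trailing newline, which let a path
        # ending in a line break through.
        and re.match(r"[/a-z0-9_\.-]*\Z", parsed.path) is not None
    )
    if not is_acceptable:
        start_url = default_start_url

    if "%s" in config.page_heading:
        heading = config.page_heading % (config.site(config.omd_site()).get(
            'alias', _("Multisite")))
    else:
        heading = config.page_heading

    html.write(
        '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd">\n'
        '<html><head>\n')
    html.default_html_headers()
    html.write("""<title>%s</title>
</head>
<frameset cols="280,*" frameborder="0" framespacing="0" border="0">
    <frame src="side.py" name="side" noresize scrolling="no">
    <frame src="%s" name="main" noresize>
</frameset>
</html>
""" % (html.attrencode(heading), html.attrencode(start_url)))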
Example #11
File: main.py Project: v-a/check_mk
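def page_index():
    """Write the frameset start page and mark it as not cacheable.

    The main frame URL comes from the ``start_url`` request variable and
    defaults to ``config.start_url``. The request value can be supplied
    through a crafted link and is placed inside HTML, so it is restricted
    to site-relative URLs and attribute-encoded like the heading.
    """
    start_url = html.var("start_url", config.start_url).strip()

    # Absolute ("scheme://host"), scheme-relative ("//host") and
    # "\"-for-"/" values would load a foreign page into the main frame.
    if '://' in start_url or start_url.startswith('//') or '\\' in start_url:
        start_url = config.start_url

    # A colon before the first "/", "?" or "#" is read as a URL scheme such
    # as "javascript:"; control characters are dropped by browsers and
    # would make the checked text differ from the loaded one.
    scheme_part = start_url
    for delimiter in "/?#":
        scheme_part = scheme_part.split(delimiter, 1)[0]
    if ':' in scheme_part or any(ord(char) < 0x20 for char in start_url):
        start_url = config.start_url

    # Do not cache the index page -> caching problems when page is accessed
    # while not logged in
    html.req.headers_out.add("Cache-Control", "no-cache")
    if "%s" in config.page_heading:
        heading = config.page_heading % (config.site(defaults.omd_site).get('alias', _("Multisite")))
    else:
        heading = config.page_heading

    # NOTE(review): assumes this revision's html object provides
    # attrencode() - confirm. Written raw, a quote or angle bracket in
    # start_url would end the src attribute and continue as markup.
    html.write("""<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd">
<html>
<head>
 <title>%s</title>
 <link rel="shortcut icon" href="images/favicon.ico" type="image/ico">
</head>
<frameset cols="280,*" frameborder="0" framespacing="0" border="0">
    <frame src="side.py" name="side" noresize scrolling="no">
    <frame src="%s" name="main" noresize>
</frameset>
</html>
""" % (html.attrencode(heading), html.attrencode(start_url)))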
Example #12
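def page_index():
    """Write the frameset start page with the sidebar and the main frame.

    ``start_url`` from the request is used for the main frame only if it
    has no scheme, no network location and a path made of plain characters;
    otherwise the user's ``start_url`` attribute or ``config.start_url``
    applies. Query string and fragment are not validated here and depend on
    the attribute encoding applied when the page is written.
    """
    default_start_url = config.user.get_attribute("start_url") or config.start_url
    start_url = html.var("start_url", default_start_url).strip()

    # Prevent redirecting to an absolute URL, which could be used to send
    # users to a foreign page, and prevent "javascript:" URLs, which could
    # be used to inject code.
    parsed = urlparse.urlparse(start_url)

    def rejected():
        """Return True if any component of the parsed URL is not allowed."""
        # Don't allow the user to set a URL scheme
        if parsed.scheme != "":
            return True
        # Don't allow the user to set a network location
        if parsed.netloc != "":
            return True
        # Don't allow bad characters in path. \Z anchors at the real end of
        # the string; "$" would also accept a path ending in a newline.
        return not re.match(r"[/a-z0-9_\.-]*\Z", parsed.path)

    if rejected():
        start_url = default_start_url

    if "%s" in config.page_heading:
        heading = config.page_heading % (config.site(config.omd_site()).get('alias', _("Multisite")))
    else:
        heading = config.page_heading

    html.write('<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd">\n'
               '<html><head>\n')
    html.default_html_headers()
    html.write("""<title>%s</title>
</head>
<frameset cols="280,*" frameborder="0" framespacing="0" border="0">
    <frame src="side.py" name="side" noresize scrolling="no">
    <frame src="%s" name="main" noresize>
</frameset>
</html>
""" % (html.attrencode(heading), html.attrencode(start_url)))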
Example #13
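def connect_to_livestatus(html):
    """Open the livestatus connection for this request and fill html.site_status.

    In a multisite setup the ``_site_switch`` request variable is applied to
    the user's site configuration first, then one connection covering all
    enabled sites is created and every site's state is recorded. In a
    single-site setup only the local UNIX socket is contacted. Finally the
    livestatus auth user is set according to the user's permissions.
    """
    html.site_status = {}
    # site_status keeps a dictionary for each site with the following
    # keys:
    # "state"              --> "online", "disabled", "down", "unreach", "dead",
    #                          "waiting" or "unknown"
    # "exception"          --> An error exception in case of down, unreach, dead or waiting
    # "status_host_state"  --> host state of status host as reported for dead sites, or None
    # "livestatus_version" --> Version of sites livestatus if "online"
    # "program_version"    --> Version of Nagios if "online"

    # If there is only one site (non-multisite), then
    # user cannot enable/disable.
    if config.is_multisite():
        # do not contact those sites the user has disabled.
        # Also honor HTML-variables for switching off sites
        # right now. This is generally done by the variable
        # _site_switch=sitename1:on,sitename2:off,...
        # NOTE(review): this persists a setting straight from a request
        # variable; whether the request was checked against forgery before
        # this call is not visible here - confirm at the caller.
        switch_var = html.var("_site_switch")
        if switch_var:
            known_sites = config.allsites()
            changed = False
            for info in switch_var.split(","):
                parts = info.split(":")
                # The value is request input: an entry that is not exactly
                # "name:state" used to abort the whole page with an unpacking
                # error, and an unknown name was stored in the user's
                # configuration. Both are skipped now.
                if len(parts) != 2 or parts[0] not in known_sites:
                    continue
                sitename, onoff = parts
                d = config.user_siteconf.get(sitename, {})
                d["disabled"] = onoff != "on"
                config.user_siteconf[sitename] = d
                changed = True
            if changed:
                config.save_site_config()

        # Make lists of enabled and disabled sites
        enabled_sites = {}
        disabled_sites = {}

        for sitename, site in config.allsites().items():
            siteconf = config.user_siteconf.get(sitename, {})
            if siteconf.get("disabled", False):
                html.site_status[sitename] = {
                    "state": "disabled",
                    "site": site
                }
                disabled_sites[sitename] = site
            else:
                # Enabled sites start out as "dead" until the status query
                # below proves otherwise.
                html.site_status[sitename] = {"state": "dead", "site": site}
                enabled_sites[sitename] = site

        html.live = livestatus.MultiSiteConnection(enabled_sites,
                                                   disabled_sites)

        # Fetch status of sites by querying the version of Nagios and livestatus
        html.live.set_prepend_site(True)
        for sitename, v1, v2, ps, num_hosts, num_services in html.live.query(
                "GET status\n"
                "Columns: livestatus_version program_version program_start num_hosts num_services"
        ):
            html.site_status[sitename].update({
                "state": "online",
                "livestatus_version": v1,
                "program_version": v2,
                "program_start": ps,
                "num_hosts": num_hosts,
                "num_services": num_services,
            })
        html.live.set_prepend_site(False)

        # Get exceptions in case of dead sites
        for sitename, deadinfo in html.live.dead_sites().items():
            html.site_status[sitename]["exception"] = deadinfo["exception"]
            shs = deadinfo.get("status_host_state")
            html.site_status[sitename]["status_host_state"] = shs
            if shs is None:
                statename = "dead"
            else:
                statename = {
                    1: "down",
                    2: "unreach",
                    3: "waiting",
                }.get(shs, "unknown")
            html.site_status[sitename]["state"] = statename

    else:
        html.live = livestatus.SingleSiteConnection(
            "unix:" + defaults.livestatus_unix_socket)
        html.live.set_timeout(10)  # default timeout is 10 seconds
        html.site_status = {'': {"state": "dead", "site": config.site('')}}
        v1, v2, ps = html.live.query_row(
            "GET status\nColumns: livestatus_version program_version program_start"
        )
        html.site_status[''].update({
            "state": "online",
            "livestatus_version": v1,
            "program_version": v2,
            "program_start": ps
        })

    # If Multisite is restricted to data the user is a nagios contact for,
    # we need to set an AuthUser: header for livestatus
    if not config.may("general.see_all"):
        html.live.set_auth_user('read', config.user_id)
        html.live.set_auth_user('action', config.user_id)

    # May the user see all objects in BI aggregations or only some?
    if not config.may("bi.see_all"):
        html.live.set_auth_user('bi', config.user_id)

    # Default auth domain is read. Please set to None to switch off authorization
    html.live.set_auth_domain('read')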
Example #14
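def connect_to_livestatus(html):
    """Open the livestatus connection for this request and fill html.site_status.

    In a multisite setup the ``_site_switch`` request variable is applied to
    the user's site configuration, livestatus-proxy sockets are rewritten to
    UNIX socket paths, and one connection covering the enabled sites is
    created. In a single-site setup only the local UNIX socket is used.
    Afterwards the livestatus auth user is set unless the user may see all
    objects and has not forced authorization for the current output format.
    """
    html.site_status = {}
    # site_status keeps a dictionary for each site with the following
    # keys:
    # "state"              --> "online", "disabled", "down", "unreach", "dead",
    #                          "waiting" or "unknown"
    # "exception"          --> An error exception in case of down, unreach, dead or waiting
    # "status_host_state"  --> host state of status host as reported for dead sites, or None
    # "livestatus_version" --> Version of sites livestatus if "online"
    # "program_version"    --> Version of Nagios if "online"

    # If there is only one site (non-multisite), then
    # user cannot enable/disable.
    if config.is_multisite():
        # do not contact those sites the user has disabled.
        # Also honor HTML-variables for switching off sites
        # right now. This is generally done by the variable
        # _site_switch=sitename1:on,sitename2:off,...
        # NOTE(review): this persists a setting straight from a request
        # variable; whether the request was checked against forgery before
        # this call is not visible here - confirm at the caller.
        switch_var = html.var("_site_switch")
        if switch_var:
            known_sites = config.allsites()
            changed = False
            for info in switch_var.split(","):
                # Request input: entries that are not exactly "name:state"
                # used to raise while unpacking, and names of sites that do
                # not exist were written to the user's configuration.
                sitename, separator, onoff = info.partition(":")
                if not separator or ":" in onoff or sitename not in known_sites:
                    continue
                d = config.user_siteconf.get(sitename, {})
                d["disabled"] = onoff != "on"
                config.user_siteconf[sitename] = d
                changed = True
            if changed:
                config.save_site_config()

        # Make lists of enabled and disabled sites
        enabled_sites = {}
        disabled_sites = {}

        for sitename, site in config.allsites().items():
            siteconf = config.user_siteconf.get(sitename, {})
            # Convert livestatus-proxy links into UNIX socket
            s = site["socket"]
            if isinstance(s, tuple) and s[0] == "proxy":
                site["socket"] = "unix:" + defaults.livestatus_unix_socket + "proxy/" + sitename

            if siteconf.get("disabled", False):
                html.site_status[sitename] = { "state" : "disabled", "site" : site }
                disabled_sites[sitename] = site
            else:
                # Enabled sites start out as "dead" until the status query
                # below proves otherwise.
                html.site_status[sitename] = { "state" : "dead", "site" : site }
                enabled_sites[sitename] = site

        html.live = livestatus.MultiSiteConnection(enabled_sites, disabled_sites)

        # Fetch status of sites by querying the version of Nagios and livestatus
        html.live.set_prepend_site(True)
        for sitename, v1, v2, ps, num_hosts, num_services in html.live.query(
              "GET status\n"
              "Columns: livestatus_version program_version program_start num_hosts num_services"):
            html.site_status[sitename].update({
                "state" : "online",
                "livestatus_version": v1,
                "program_version" : v2,
                "program_start" : ps,
                "num_hosts" : num_hosts,
                "num_services" : num_services,
            })
        html.live.set_prepend_site(False)

        # Get exceptions in case of dead sites
        for sitename, deadinfo in html.live.dead_sites().items():
            html.site_status[sitename]["exception"] = deadinfo["exception"]
            shs = deadinfo.get("status_host_state")
            html.site_status[sitename]["status_host_state"] = shs
            if shs is None:
                statename = "dead"
            else:
                statename = { 1:"down", 2:"unreach", 3:"waiting", }.get(shs, "unknown")
            html.site_status[sitename]["state"] = statename

    else:
        html.live = livestatus.SingleSiteConnection("unix:" + defaults.livestatus_unix_socket)
        html.live.set_timeout(10) # default timeout is 10 seconds
        html.site_status = { '': { "state" : "dead", "site" : config.site('') } }
        v1, v2, ps = html.live.query_row("GET status\nColumns: livestatus_version program_version program_start")
        html.site_status[''].update({ "state" : "online", "livestatus_version": v1, "program_version" : v2, "program_start" : ps })

    # If Multisite is restricted to data the user is a nagios contact for,
    # we need to set an AuthUser: header for livestatus. Authorization is
    # the default; it is only skipped for users who may see everything and
    # have not forced it for the current output format.
    if html.output_format == 'html':
        force_option = "force_authuser"
    else:
        force_option = "force_authuser_webservice"
    use_livestatus_auth = not (
        config.may("general.see_all") and not config.user.get(force_option))

    if use_livestatus_auth:
        html.live.set_auth_user('read',   config.user_id)
        html.live.set_auth_user('action', config.user_id)


    # May the user see all objects in BI aggregations or only some?
    if not config.may("bi.see_all"):
        html.live.set_auth_user('bi', config.user_id)

    # Default auth domain is read. Please set to None to switch off authorization
    html.live.set_auth_domain('read')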