Exemplo n.º 1
def test_show_user_errors(request_context):
    """Check that ``html.show_user_errors()`` escapes markup in a user error.

    The error text carries a ``<script>`` element, which must be rendered
    entity-encoded inside the ``div.error`` wrapper. The expected output also
    pins that ``<br>`` and the unclosed ``<b>`` are emitted verbatim.
    """
    # NOTE(review): the verbatim <br>/<b> presumably comes from a tag allowlist
    # in the escaper -- confirm. The <b> is never closed, so the test also pins
    # that unbalanced allowlisted tags are written through as-is.
    message = "asd <script>alert(1)</script> <br> <b>"
    expected_markup = (
        '<div class="error">asd &lt;script&gt;alert(1)&lt;/script&gt; <br> <b></div>'
    )

    # The error container must start out empty and be truthy once filled.
    assert not user_errors
    user_errors.add(MKUserError(None, message))
    assert user_errors

    # Capture everything written while the funnel is plugged.
    with output_funnel.plugged():
        html.show_user_errors()
        rendered = output_funnel.drain()

    assert rendered == expected_markup
Exemplo n.º 2
    def _show_diagnose_output(self):
        """Render the result area of the host diagnose dialog.

        Without the ``_save`` request variable only an introductory message is
        shown. With pending user errors only those are shown. Otherwise one
        table per diagnose test is written, each followed by an inline script
        call that starts the test for this host.
        """
        if not request.var("_save"):
            intro = _(
                "You can diagnose the connection to a specific host using this dialog. "
                "You can either test whether your current configuration is still working "
                "or investigate in which ways a host can be reached. Simply configure the "
                "connection options you like to try on the right side of the screen and "
                'press the "Test" button. The results will be displayed here.'
            )
            html.show_message(intro)
            return

        if user_errors:
            html.show_user_errors()
            return

        # TODO: Insert any vs_host valuespec validation
        #       These tests can be called with invalid valuespec settings...
        # TODO: Replace hard coded icon paths with dynamic ones to old or new theme
        for ident, title in ModeDiagHost.diag_host_tests():
            html.h3(title)
            html.open_table(class_=["data", "test"])
            html.open_tr(class_=["data", "odd0"])

            # Icon cell: a status icon plus a retry link, both with ids derived
            # from the test ident.
            html.open_td(class_="icons")
            html.open_div()
            html.icon("reload", id_="%s_img" % ident)
            html.open_a(href="")
            html.icon(
                "reload",
                title=_("Retry this test"),
                cssclass="retry",
                id_="%s_retry" % ident,
            )
            html.close_a()
            html.close_div()
            html.close_td()

            # Log cell: an empty div with an id derived from the test ident.
            html.open_td()
            html.div("", class_="log", id="%s_log" % ident)
            html.close_td()

            html.close_tr()
            html.close_table()

            # Every argument is serialised with json.dumps, so it reaches the
            # script as a JavaScript literal instead of raw text. A fresh
            # transaction id is requested for each test.
            # NOTE(review): json.dumps does not escape "<" or "</script>". Whether
            # html.javascript() neutralises that before writing the inline script
            # is not visible here, and where self._hostname comes from is not
            # visible either -- confirm both.
            js_args = (
                json.dumps(ident),
                json.dumps(self._hostname),
                json.dumps(transactions.fresh_transid()),
            )
            html.javascript("cmk.host_diagnose.start_test(%s, %s, %s)" % js_args)
Exemplo n.º 3
    def _show_report_form(
        self, crash_info: CrashInfo, details: ReportSubmitDetails
    ) -> None:
        """Render the crash report submission form, pre-filled from *details*.

        For crashes of type ``"gui"`` the details are first extended through
        ``_add_gui_user_infos_to_details``.
        """
        is_gui_crash = crash_info["crash_type"] == "gui"
        if is_gui_crash:
            self._add_gui_user_infos_to_details(details)

        # NOTE(review): the form uses method="GET", so submitted field values
        # would travel in the URL query string and may end up in access logs or
        # browser history -- confirm this is intended for report details.
        html.begin_form("report", method="GET")
        html.show_user_errors()

        report_spec = self._vs_crash_report()
        report_spec.render_input("_report", details)
        report_spec.set_focus("report")
        forms.end()

        html.button("_report", _("Submit Report"))
        html.hidden_fields()
        html.end_form()
Exemplo n.º 4
    def page(self) -> None:
        """Render the page: header, optional action, messages, errors, form."""
        page_title = self._page_title()
        crumbs = self._breadcrumb()
        make_header(html, page_title, crumbs, self._page_menu(crumbs))

        # The action only runs when check_transaction() is truthy.
        # NOTE(review): presumably this validates the request's transaction id
        # before any state change -- confirm against transactions.
        if transactions.check_transaction():
            try:
                self._action()
            except MKUserError as err:
                # Collected here and rendered by show_user_errors() below.
                user_errors.add(err)

        for flashed in get_flashed_messages():
            html.show_message(flashed)

        html.show_user_errors()

        self._show_form()
Exemplo n.º 5
    def _display_audit_log_options(self):
        """Render the audit log options form as floating options.

        Nothing is rendered when display option ``C`` is disabled.
        """
        if display_options.disabled(display_options.C):
            return

        html.begin_form("options", method="GET")

        self._show_audit_log_options_controls()

        html.open_div(class_="side_popup_content")
        html.show_user_errors()

        for option_name, spec in self._audit_log_options():

            # Bind the loop values as defaults so each renderer keeps its own
            # option instead of seeing the last one of the loop.
            def renderer(name=option_name, vs=spec) -> None:
                vs.render_input("options_" + name, self._options[name])

            html.render_floating_option(option_name, "single", spec.title(), renderer)

        html.close_div()

        html.hidden_fields()
        html.end_form()
Exemplo n.º 6
def _wato_page_handler(
    current_mode: str,
    mode_permissions: Optional[List[PermissionName]],
    mode_class: Type[WatoMode],
) -> None:
    """Run one WATO mode: check permissions, perform its action, render its page.

    The action is only attempted when ``transactions.is_transaction()`` is
    truthy. ``MKUserError`` and ``MKAuthException`` raised while doing so are
    collected in ``user_errors`` and shown on the rendered page; other
    exceptions raised in that block are not handled here.
    """
    read_only = cmk.gui.watolib.read_only

    # General permission check for this mode; users with "wato.seeall" skip it.
    if mode_permissions is not None and not user.may("wato.seeall"):
        _ensure_mode_permissions(mode_permissions)

    mode = mode_class()

    # Perform the action (it might switch the mode).
    if transactions.is_transaction():
        try:
            user.need_permission("wato.edit")

            # A user who got to see this mode only because of "seeall" still
            # needs the explicit mode permissions before changing anything.
            if user.may("wato.seeall") and mode_permissions:
                _ensure_mode_permissions(mode_permissions)

            # Read-only mode blocks the action unless the user may override it.
            if read_only.is_enabled() and not read_only.may_override():
                raise MKUserError(None, read_only.message())

            result = mode.action()
            if isinstance(result, (tuple, str, bool)):
                raise MKGeneralException(
                    f'WatoMode "{current_mode}" returns unsupported return value: {result!r}'
                )

            # Assume something was modified: bump the config generation ID.
            update_config_generation()

            if active_config.wato_use_git:
                do_git_commit()

            # A FinalizeRequest result covers two cases:
            # a) the page content must not be rendered after the action
            #    (the action showed a confirm dialog or sent non-HTML content)
            # b) a redirect to another page
            # It is raised only after the generation bump and the git commit.
            if isinstance(result, FinalizeRequest):
                raise result

        except MKUserError as err:
            user_errors.add(err)

        except MKAuthException as err:
            # The first exception argument becomes a user error, so it is shown
            # to the user by show_user_errors() below.
            user_errors.add(MKUserError(None, err.args[0]))

    breadcrumb = make_main_menu_breadcrumb(mode.main_menu()) + mode.breadcrumb()
    page_menu = mode.page_menu(breadcrumb)
    wato_html_head(
        title=mode.title(),
        breadcrumb=breadcrumb,
        page_menu=page_menu,
        show_body_start=display_options.enabled(display_options.H),
        show_top_heading=display_options.enabled(display_options.T),
    )

    if not transactions.is_transaction() or (
        read_only.is_enabled() and read_only.may_override()
    ):
        _show_read_only_warning()

    # Outcome of a failed action on this page.
    html.show_user_errors()

    # Outcome of the previous page (the one that redirected here).
    for flashed in get_flashed_messages():
        html.show_message(flashed)

    # Page content.
    mode.handle_page()

    if is_sidebar_reload_needed():
        html.reload_whole_page()

    wato_html_footer(show_body_end=display_options.enabled(display_options.H))
Exemplo n.º 7
class UserLoginTwoFactor(Page):
    """Login page for the second authentication factor."""

    def page(self) -> None:
        """Render the two-factor login form and handle a submitted backup code.

        Raises ``MKGeneralException`` when two-factor authentication is not
        enabled for the user. Raises ``HTTPRedirect`` to the ``_origtarget``
        URL once a valid backup code has been submitted.
        """
        # NOTE(review): assert statements are stripped under "python -O". If
        # this is meant as an authentication guard rather than type narrowing,
        # it should be an explicit check -- confirm.
        assert user.id is not None

        html.render_headfoot = False
        for css_class in ("login", "two_factor"):
            html.add_body_css_class(css_class)
        make_header(
            html,
            _("Two-factor authentication"),
            Breadcrumb(),
            javascripts=[],
        )

        html.open_div(id_="login")

        html.open_div(id_="login_window")

        html.open_a(href="https://checkmk.com")
        logo_src = theme.detect_icon_path(icon_name="logo", prefix="mk-")
        logo_class = "custom" if theme.has_custom_logo() else None
        html.img(src=logo_src, id_="logo", class_=logo_class)
        html.close_a()

        if not is_two_factor_login_enabled(user.id):
            raise MKGeneralException(_("Two-factor authentication not enabled"))

        # The form is emitted without a transaction id (add_transid=False).
        html.begin_form(
            "two_factor_login",
            method="POST",
            add_transid=False,
            action="user_login_two_factor.py",
        )
        html.prevent_password_auto_completion()

        # NOTE(review): the redirect target is taken from the request. Its
        # safety rests on get_url_input() rejecting off-site URLs -- confirm.
        origtarget = request.get_url_input("_origtarget", "index.py")
        html.hidden_field("_origtarget", origtarget)

        # A valid backup code completes the second factor and redirects.
        # NOTE(review): an invalid code falls through silently in this method:
        # no user error is added and no attempt counting or logging is visible
        # here. Presumably is_two_factor_backup_code_valid() covers that --
        # confirm.
        backup_code = request.get_ascii_input("_backup_code")
        if backup_code and is_two_factor_backup_code_valid(user.id, backup_code):
            set_two_factor_completed()
            raise HTTPRedirect(origtarget)

        html.label(
            _("Two-factor authentication"),
            for_="webauthn_message",
            id_="label_2fa",
            class_="legend",
        )
        html.div("", id_="webauthn_message")

        with foldable_container(
            treename="webauthn_backup_codes",
            id_="backup_container",
            isopen=False,
            title=_("Use backup code"),
            indent=False,
            save_state=False,
        ):
            html.label(
                "%s:" % _("Backup code"),
                id_="label_pass",
                class_=["legend"],
                for_="_backup_code",
            )
            html.br()
            html.password_input("_backup_code", id_="input_pass", size=None)

            html.open_div(id_="button_text")
            html.button("_use_backup_code", _("Use backup code"), cssclass="hot")
            html.close_div()
            # NOTE(review): this second close_div() has no matching open_div()
            # inside the container; it presumably closes "login_window" -- confirm
            # the nesting is intended.
            html.close_div()

        if user_errors:
            html.open_div(id_="login_error")
            html.show_user_errors()
            html.close_div()

        html.javascript("cmk.webauthn.login()")

        html.hidden_fields()
        html.end_form()
        html.close_div()
        html.footer()