def _get_time_range_of(self, value: FilterHTTPVariables,
what: str) -> Union[None, int, float]:
varprefix = self.ident + "_" + what
rangename = value.get(varprefix + "_range")
if rangename == "abs":
try:
return time.mktime(time.strptime(value[varprefix], "%Y-%m-%d"))
except Exception:
user_errors.add(
MKUserError(
varprefix,
_("Please enter the date in the format YYYY-MM-DD.")))
return None
if rangename == "unix":
return int(value[varprefix])
if rangename is None:
return None
try:
count = int(value[varprefix])
secs = count * int(rangename)
return int(time.time()) - secs
except Exception:
return None
def _get_time_range_of(self, what: str) -> Union[None, int, float]:
varprefix = self.ident + "_" + what
rangename = html.request.var(varprefix + "_range")
if rangename == "abs":
try:
return time.mktime(
time.strptime(html.request.get_str_input_mandatory(varprefix), "%Y-%m-%d"))
except Exception:
user_errors.add(
MKUserError(varprefix, _("Please enter the date in the format YYYY-MM-DD.")))
return None
if rangename == "unix":
return html.request.get_integer_input_mandatory(varprefix)
if rangename is None:
return None
try:
count = html.request.get_integer_input_mandatory(varprefix)
secs = count * int(rangename)
return int(time.time()) - secs
except Exception:
html.request.set_var(varprefix, "")
return None
def _handle_report_form(self, crash_info):
details = {}
try:
vs = self._vs_crash_report()
details = vs.from_html_vars("_report")
vs.validate_value(details, "_report")
# Make the resulting page execute the crash report post request
url_encoded_params = urlencode_vars(
list(details.items()) + [
("crashdump",
base64.b64encode(
_pack_crash_report(
self._get_serialized_crash_report()))),
])
html.open_div(id_="pending_msg", style="display:none")
html.show_message(_("Submitting crash report..."))
html.close_div()
html.open_div(id_="success_msg", style="display:none")
html.show_message(
_("Your crash report has been submitted (ID: ###ID###). Thanks for your participation, "
"it is very important for the quality of Checkmk.<br><br>"
"Please note:"
"<ul>"
"<li>In general we do <i>not</i> respond to crash reports, "
"except we need further information from you.</li>"
"<li>We read every feedback thoroughly, but this might happen "
"not before a couple of weeks or even months have passed and is "
"often aligned with our release cycle.</li>"
"<li>If you are in need of a quick solution for your problem, then "
"we can help you within the scope of professional support. If you "
"already have a support contract, then please use your personal "
"support email address to send us a mail refering to your crash "
"report.<br>If you are interested in the details about support, "
"you find details on <a href=\"https://checkmk.com/"
"checkmk_support_contract.html\" target=\"_blank\">our website</a>."
))
html.close_div()
html.open_div(id_="fail_msg", style="display:none")
report_url = makeuri_contextless(
request,
[
("subject",
"Checkmk Crash Report - " + self._get_version()),
],
filename="mailto:" + self._get_crash_report_target(),
)
html.show_error(
_("Failed to send the crash report. Please download it manually and send it "
"to <a href=\"%s\">%s</a>") %
(report_url, self._get_crash_report_target()))
html.close_div()
html.javascript(
"cmk.transfer.submit_crash_report(%s, %s);" % (json.dumps(
config.crash_report_url), json.dumps(url_encoded_params)))
except MKUserError as e:
user_errors.add(e)
return details
def test_show_user_errors(register_builtin_html):
assert not user_errors
user_errors.add(MKUserError(None,
"asd <script>alert(1)</script> <br> <b>"))
assert user_errors
with output_funnel.plugged():
html.show_user_errors()
c = output_funnel.drain()
assert c == "<div class=\"error\">asd <script>alert(1)</script> <br> <b></div>"
def test_show_user_errors(request_context):
assert not user_errors
user_errors.add(MKUserError(None,
"asd <script>alert(1)</script> <br> <b>"))
assert user_errors
with output_funnel.plugged():
html.show_user_errors()
c = output_funnel.drain()
assert c == '<div class="error">asd <script>alert(1)</script> <br> <b></div>'
def get_livestatus_filter_headers(
context: VisualContext, filters: Iterable[Filter]
) -> Iterable[FilterHeader]:
"""Prepare Filter headers for Livestatus"""
for filt in filters:
try:
value = context.get(filt.ident, {})
filt.validate_value(value)
if header := filt.filter(value):
yield header
except MKUserError as e:
user_errors.add(e)
def _get_audit_log_options_from_request(self):
options = {}
for name, vs in self._audit_log_options():
if not list(request.itervars("options_" + name)):
continue
try:
value = vs.from_html_vars("options_" + name)
vs.validate_value(value, "options_" + name)
options[name] = value
except MKUserError as e:
user_errors.add(e)
return options
def page(self) -> None:
title = self._page_title()
breadcrumb = self._breadcrumb()
html.header(title, breadcrumb, self._page_menu(breadcrumb))
if transactions.check_transaction():
try:
self._action()
except MKUserError as e:
user_errors.add(e)
for message in get_flashed_messages():
html.show_message(message)
html.show_user_errors()
self._show_form()
def page(self) -> None:
title = self._page_title()
breadcrumb = make_simple_page_breadcrumb(mega_menu_registry.menu_user(), title)
html.header(title, breadcrumb, self._page_menu(breadcrumb))
if request.has_var("_save") and transactions.check_transaction():
try:
self._action()
except MKUserError as e:
user_errors.add(e)
for message in get_flashed_messages():
html.show_message(message)
html.show_user_errors()
self._show_form()
def page(self) -> None:
watolib.init_wato_datastructures(with_wato_lock=True)
title = self._page_title()
breadcrumb = make_simple_page_breadcrumb(
mega_menu_registry.menu_user(), title)
html.header(title, breadcrumb, self._page_menu(breadcrumb))
if html.request.has_var('_save') and transactions.check_transaction():
try:
self._action()
except MKUserError as e:
user_errors.add(e)
for message in get_flashed_messages():
html.show_message(message)
html.show_user_errors()
self._show_form()
def action(self) -> ActionResult:
if not transactions.check_transaction():
return None
if request.var('_try'):
try:
self._validate_diag_html_vars()
except MKUserError as e:
user_errors.add(e)
return None
if request.var('_save'):
# Save the ipaddress and/or community
vs_host = self._vs_host()
new = vs_host.from_html_vars('vs_host')
vs_host.validate_value(new, 'vs_host')
# If both snmp types have credentials set - snmpv3 takes precedence
return_message = []
if "ipaddress" in new:
return_message.append(_("IP address"))
if "snmp_v3_credentials" in new:
if "snmp_community" in new:
return_message.append(
_("SNMPv3 credentials (SNMPv2 community was discarded)"
))
else:
return_message.append(_("SNMPv3 credentials"))
new["snmp_community"] = new["snmp_v3_credentials"]
elif "snmp_community" in new:
return_message.append(_("SNMP credentials"))
self._host.update_attributes(new)
flash(_("Updated attributes: ") + ", ".join(return_message))
return redirect(
mode_url(
"edit_host",
host=self._hostname,
folder=watolib.Folder.current().path(),
))
return None
def edit_dictionaries(dictionaries: 'Sequence[Tuple[str, Union[Transform, Dictionary]]]',
value: Dict[str, Any],
focus: Optional[str] = None,
hover_help: bool = True,
validate: Optional[Callable[[Any], None]] = None,
title: Optional[str] = None,
method: str = "GET",
preview: bool = False,
varprefix: str = "",
formname: str = "form",
consume_transid: bool = True):
if request.get_ascii_input("filled_in") == formname and transactions.transaction_valid():
if not preview and consume_transid:
transactions.check_transaction()
messages: List[str] = []
new_value: Dict[str, Dict[str, Any]] = {}
for keyname, vs_dict in dictionaries:
dict_varprefix = varprefix + keyname
new_value[keyname] = {}
try:
edited_value = vs_dict.from_html_vars(dict_varprefix)
vs_dict.validate_value(edited_value, dict_varprefix)
new_value[keyname].update(edited_value)
except MKUserError as e:
messages.append("%s: %s" % (vs_dict.title() or _("Properties"), e))
user_errors.add(e)
except Exception as e:
messages.append("%s: %s" % (vs_dict.title() or _("Properties"), e))
user_errors.add(MKUserError(None, str(e)))
if validate and not user_errors:
try:
validate(new_value[keyname])
except MKUserError as e:
messages.append(str(e))
user_errors.add(e)
if messages:
messages_joined = "".join(["%s<br>\n" % m for m in messages])
if not preview:
html.show_error(messages_joined)
else:
raise MKUserError(None, messages_joined)
else:
return new_value
html.begin_form(formname, method=method)
for keyname, vs_dict in dictionaries:
dict_varprefix = varprefix + keyname
subvalue = value.get(keyname, {})
vs_dict.render_input_as_form(dict_varprefix, subvalue)
end()
# Should be ignored be hidden_fields, but I do not dare to change it there
request.del_var("filled_in")
html.hidden_fields()
html.end_form()
def get_bound(var: str, value: FilterHTTPVariables) -> Optional[int]:
rangename = value.get(var + "_range")
if rangename == "abs":
try:
return int(time.mktime(time.strptime(value[var], "%Y-%m-%d")))
except Exception:
user_errors.add(
MKUserError(
var,
_("Please enter the date in the format YYYY-MM-DD.")))
return None
if rangename == "unix":
return int(value[var])
if rangename is None:
return None
try:
count = int(value[var])
secs = count * int(rangename)
return int(time.time()) - secs
except Exception:
return None
def _do_login(self) -> None:
"""handle the sent login form"""
if not request.var("_login"):
return
try:
if not config.user_login:
raise MKUserError(None,
_("Login is not allowed on this site."))
username_var = request.get_unicode_input("_username", "")
assert username_var is not None
username = UserId(username_var.rstrip())
if not username:
raise MKUserError("_username", _("Missing username"))
password = request.var("_password", "")
if not password:
raise MKUserError("_password", _("Missing password"))
default_origtarget = url_prefix() + "check_mk/"
origtarget = request.get_url_input("_origtarget",
default_origtarget)
# Disallow redirections to:
# - logout.py: Happens after login
# - side.py: Happens when invalid login is detected during sidebar refresh
if "logout.py" in origtarget or "side.py" in origtarget:
origtarget = default_origtarget
result = userdb.check_credentials(username, password)
if result:
# use the username provided by the successful login function, this function
# might have transformed the username provided by the user. e.g. switched
# from mixed case to lower case.
username = result
session_id = userdb.on_succeeded_login(username)
# The login succeeded! Now:
# a) Set the auth cookie
# b) Unset the login vars in further processing
# c) Redirect to really requested page
_create_auth_session(username, session_id)
# Never use inplace redirect handling anymore as used in the past. This results
# in some unexpected situations. We simpy use 302 redirects now. So we have a
# clear situation.
# userdb.need_to_change_pw returns either False or the reason description why the
# password needs to be changed
change_pw_result = userdb.need_to_change_pw(username)
if change_pw_result:
raise HTTPRedirect(
"user_change_pw.py?_origtarget=%s&reason=%s" %
(urlencode(origtarget), change_pw_result))
raise HTTPRedirect(origtarget)
userdb.on_failed_login(username)
raise MKUserError(None, _("Invalid login"))
except MKUserError as e:
user_errors.add(e)
def _wato_page_handler(current_mode: str, mode_permissions: Optional[List[PermissionName]],
mode_class: Type[WatoMode]) -> None:
try:
init_wato_datastructures(with_wato_lock=not transactions.is_transaction())
except Exception:
# Snapshot must work in any case
if current_mode == 'snapshot':
pass
else:
raise
# Check general permission for this mode
if mode_permissions is not None and not config.user.may("wato.seeall"):
_ensure_mode_permissions(mode_permissions)
mode = mode_class()
# Do actions (might switch mode)
if transactions.is_transaction():
try:
config.user.need_permission("wato.edit")
# Even if the user has seen this mode because auf "seeall",
# he needs an explicit access permission for doing changes:
if config.user.may("wato.seeall"):
if mode_permissions:
_ensure_mode_permissions(mode_permissions)
if cmk.gui.watolib.read_only.is_enabled(
) and not cmk.gui.watolib.read_only.may_override():
raise MKUserError(None, cmk.gui.watolib.read_only.message())
result = mode.action()
if isinstance(result, (tuple, str, bool)):
raise MKGeneralException(
f"WatoMode \"{current_mode}\" returns unsupported return value: {result!r}")
# We assume something has been modified and increase the config generation ID by one.
update_config_generation()
if config.wato_use_git:
do_git_commit()
# Handle two cases:
# a) Don't render the page content after action
# (a confirm dialog is displayed by the action, or a non-HTML content was sent)
# b) Redirect to another page
if isinstance(result, FinalizeRequest):
raise result
except MKUserError as e:
user_errors.add(e)
except MKAuthException as e:
user_errors.add(MKUserError(None, e.args[0]))
breadcrumb = make_main_menu_breadcrumb(mode.main_menu()) + mode.breadcrumb()
page_menu = mode.page_menu(breadcrumb)
wato_html_head(title=mode.title(),
breadcrumb=breadcrumb,
page_menu=page_menu,
show_body_start=display_options.enabled(display_options.H),
show_top_heading=display_options.enabled(display_options.T))
if not transactions.is_transaction() or (cmk.gui.watolib.read_only.is_enabled() and
cmk.gui.watolib.read_only.may_override()):
_show_read_only_warning()
# Show outcome of failed action on this page
html.show_user_errors()
# Show outcome of previous page (that redirected to this one)
for message in get_flashed_messages():
html.show_message(message)
# Show content
mode.handle_page()
if is_sidebar_reload_needed():
html.reload_whole_page()
wato_html_footer(show_body_end=display_options.enabled(display_options.H))
def test_user_errors_request_context_integration(register_builtin_html) -> None:
assert not user_errors
user_errors.add(MKUserError(None, "abc"))
assert user_errors[None] == "abc"
