def buttons(self):
global_buttons()
if html.request.has_var("back"):
back_url = html.get_url_input("back")
html.context_button(_("Back"), back_url, "back")
html.context_button(_("All Check Plugins"),
html.makeuri_contextless([("mode", "check_plugins")]), "check_plugins")
if self._check_type.startswith("check_"):
command = "check_mk_active-" + self._check_type[6:]
else:
command = "check_mk-" + self._check_type
url = html.makeuri_contextless([("view_name", "searchsvc"), ("check_command", command),
("filled_in", "filter")],
filename="view.py")
html.context_button(_("Find usage"), url, "status")
def page_clear():
acktime = html.request.var('acktime')
if acktime is None:
acktime = time.time()
else:
acktime = float(acktime)
prev_url = html.get_url_input('prev_url', '')
if html.request.var('_confirm'):
acknowledge_failed_notifications(acktime)
html.reload_sidebar()
if config.user.authorized_login_sites():
# This local import is needed for the moment
import cmk.gui.wato.user_profile # pylint: disable=redefined-outer-name
cmk.gui.wato.user_profile.user_profile_async_replication_page()
return
failed_notifications = load_failed_notifications(before=acktime, after=acknowledged_time())
render_page_confirm(acktime, prev_url, failed_notifications)
def page_login() -> None:
title = _("Checkmk Mobile")
mobile_html_head(title)
jqm_page_header(title, id_="login")
html.div(_("Welcome to Checkmk Mobile."), id_="loginhead")
html.begin_form("login", method='POST', add_transid=False)
# Keep information about original target URL
default_origtarget = "index.py" if html.myfile in ["login", "logout"
] else makeuri(
request, [])
origtarget = html.get_url_input("_origtarget", default_origtarget)
html.hidden_field('_origtarget', escaping.escape_attribute(origtarget))
html.text_input("_username",
label=_("Username:"******"username",
id_="input_user")
html.password_input(
"_password",
size=None,
label=_("Password:"******"current-password",
id_="input_pass",
)
html.br()
html.button("_login", _('Login'))
html.set_focus("_username")
html.end_form()
html.open_div(id_="loginfoot")
html.img("themes/facelift/images/logo_cmk_small.png", class_="logomk")
html.div(HTML(
_("© <a target=\"_blank\" href=\"https://checkmk.com\">tribe29 GmbH</a>"
)),
class_="copyright")
html.close_div() # close content-div
html.close_div()
html.close_div() # close page-div
mobile_html_foot()
def _paint_download_host_info(what, row, tags, host_custom_vars, ty):
if (what == "host" or (what == "service" and row["service_description"] == "Check_MK")) \
and config.user.may("wato.download_agent_output") \
and not row["host_check_type"] == 2: # Not for shadow hosts
# Not 100% acurate to use the tags here, but this is the best we can do
# with the available information.
# Render "download agent output" for non agent hosts, because there might
# be piggyback data available which should be downloadable.
if ty == "walk" and "snmp" not in tags:
return
if ty == "agent" and "snmp" in tags and "tcp" not in tags:
return
params = [
("host", row["host_name"]),
("folder", _wato_folder_from_filename(row["host_filename"])),
("type", ty),
("_start", "1"),
]
# When the download icon is part of the host/service action menu, then
# the _back_url set in paint_action_menu() needs to be used. Otherwise
# makeuri(request, []) (not html.requested_uri()) is the right choice.
back_url = html.get_url_input("_back_url", makeuri(request, []))
if back_url:
params.append(("back_url", back_url))
if ty == "agent":
title = _("Download agent output")
else:
title = _("Download SNMP walk")
url = makeuri_contextless(request,
params,
filename="fetch_agent_output.py")
return "agent_output", title, url
def _from_vars(self):
config.user.need_permission("wato.download_agent_output")
host_name = html.request.var("host")
if not host_name:
raise MKGeneralException(_("The host is missing."))
ty = html.request.var("type")
if ty not in ["walk", "agent"]:
raise MKGeneralException(_("Invalid type specified."))
self._back_url = html.get_url_input("back_url", deflt="") or None
watolib.init_wato_datastructures(with_wato_lock=True)
host = watolib.Folder.current().host(host_name)
if not host:
raise MKGeneralException(
_("Host is not managed by WATO. "
"Click <a href=\"%s\">here</a> to go back.") % escape_attribute(self._back_url))
host.need_permission("read")
self._request = FetchAgentOutputRequest(host=host, agent_type=ty)
def _back_url(self):
return html.get_url_input("back_url", deflt="")
def _show_login_page(self) -> None:
html.set_render_headfoot(False)
html.add_body_css_class("login")
html.header(config.get_page_heading(), Breadcrumb(), javascripts=[])
default_origtarget = ("index.py" if html.myfile in ["login", "logout"]
else makeuri(global_request, []))
origtarget = html.get_url_input("_origtarget", default_origtarget)
# Never allow the login page to be opened in the iframe. Redirect top page to login page.
# This will result in a full screen login page.
html.javascript('''if(top != self) {
window.top.location.href = location;
}''')
# When someone calls the login page directly and is already authed redirect to main page
if html.myfile == 'login' and _check_auth(html.request):
raise HTTPRedirect(origtarget)
html.open_div(id_="login")
html.open_div(id_="login_window")
html.div("" if "hide_version" in config.login_screen else
cmk_version.__version__,
id_="version")
html.begin_form("login",
method='POST',
add_transid=False,
action='login.py')
html.hidden_field('_login', '1')
html.hidden_field('_origtarget', origtarget)
html.label("%s:" % _('Username'),
id_="label_user",
class_=["legend"],
for_="_username")
html.br()
html.text_input("_username", id_="input_user")
html.label("%s:" % _('Password'),
id_="label_pass",
class_=["legend"],
for_="_password")
html.br()
html.password_input("_password", id_="input_pass", size=None)
if html.has_user_errors():
html.open_div(id_="login_error")
html.show_user_errors()
html.close_div()
html.open_div(id_="button_text")
html.button("_login", _('Login'))
html.close_div()
html.close_div()
html.open_div(id_="foot")
if config.login_screen.get("login_message"):
html.open_div(id_="login_message")
html.show_message(config.login_screen["login_message"])
html.close_div()
footer: List[Union[HTML, str]] = []
for title, url, target in config.login_screen.get("footer_links", []):
footer.append(html.render_a(title, href=url, target=target))
if "hide_version" not in config.login_screen:
footer.append("Version: %s" % cmk_version.__version__)
footer.append("© %s" % html.render_a(
"tribe29 GmbH", href="https://checkmk.com", target="_blank"))
html.write(HTML(" - ").join(footer))
if cmk_version.is_raw_edition():
html.br()
html.br()
html.write(
_('You can use, modify and distribute Check_MK under the terms of the <a href="%s" target="_blank">'
'GNU GPL Version 2</a>.') % "https://checkmk.com/gpl.html")
html.close_div()
html.set_focus('_username')
html.hidden_fields()
html.end_form()
html.close_div()
html.footer()
def _do_login(self) -> None:
"""handle the sent login form"""
if not html.request.var('_login'):
return
try:
username_var = html.request.get_unicode_input('_username', '')
assert username_var is not None
username = UserId(username_var.rstrip())
if not username:
raise MKUserError('_username', _('No username given.'))
password = html.request.var('_password', '')
if not password:
raise MKUserError('_password', _('No password given.'))
default_origtarget = config.url_prefix() + "check_mk/"
origtarget = html.get_url_input("_origtarget", default_origtarget)
# Disallow redirections to:
# - logout.py: Happens after login
# - side.py: Happens when invalid login is detected during sidebar refresh
if "logout.py" in origtarget or 'side.py' in origtarget:
origtarget = default_origtarget
# '<user_id>' -> success
# False -> failed
result = userdb.hook_login(username, password)
if result:
assert isinstance(result, str)
# use the username provided by the successful login function, this function
# might have transformed the username provided by the user. e.g. switched
# from mixed case to lower case.
username = result
# When single user session mode is enabled, check that there is not another
# active session
userdb.ensure_user_can_init_session(username)
# reset failed login counts
userdb.on_succeeded_login(username)
# The login succeeded! Now:
# a) Set the auth cookie
# b) Unset the login vars in further processing
# c) Redirect to really requested page
_create_auth_session(username)
# Never use inplace redirect handling anymore as used in the past. This results
# in some unexpected situations. We simpy use 302 redirects now. So we have a
# clear situation.
# userdb.need_to_change_pw returns either False or the reason description why the
# password needs to be changed
change_pw_result = userdb.need_to_change_pw(username)
if change_pw_result:
raise HTTPRedirect(
'user_change_pw.py?_origtarget=%s&reason=%s' %
(html.urlencode(origtarget), change_pw_result))
raise HTTPRedirect(origtarget)
userdb.on_failed_login(username)
raise MKUserError(None, _('Invalid credentials.'))
except MKUserError as e:
html.add_user_error(e.varname, e)
def test_get_url_input(register_builtin_html):
html.request.set_var("url", "view.py?bla=blub")
html.request.set_var("no_url", "2")
html.request.set_var("invalid_url", "http://bla/")
html.request.set_var("invalid_char", "viäw.py")
html.request.set_var("invalid_char2", "vi+w.py")
with pytest.raises(MKUserError) as e:
html.get_url_input("not_existing")
assert "is missing" in "%s" % e
assert html.get_url_input("get_default", "my_url.py") == "my_url.py"
assert html.get_url_input("get_default", "http://bla/") == "http://bla/"
assert html.get_url_input("url") == "view.py?bla=blub"
assert html.get_url_input("no_url") == "2"
with pytest.raises(MKUserError) as e:
html.get_url_input("invalid_url")
assert "not a valid" in "%s" % e
with pytest.raises(MKUserError) as e:
html.get_url_input("invalid_char")
assert "not a valid" in "%s" % e
with pytest.raises(MKUserError) as e:
html.get_url_input("invalid_char2")
assert "not a valid" in "%s" % e
assert html.get_url_input("no_url") == "2"
def test_get_url_input_invalid_urls(register_builtin_html, invalid_url):
html.request.set_var("varname", invalid_url)
with pytest.raises(MKUserError) as e:
html.get_url_input("varname")
assert "not a valid URL" in "%s" % e
def page_edit(cls):
back_url = html.get_url_input("back", cls.list_url())
cls.load()
cls.need_overriding_permission("edit")
# Three possible modes:
# "create" -> create completely new page
# "clone" -> like new, but prefill form with values from existing page
# "edit" -> edit existing page
mode = html.request.var('mode', 'edit')
if mode == "create":
title = cls.phrase("create")
page_dict = {
"name": cls.default_name(),
"topic": cls.default_topic(),
}
else:
# Load existing page. visual from disk - and create a copy if 'load_user' is set
page_name = html.request.var("load_name")
if mode == "edit":
title = cls.phrase("edit")
owner_user_id = UserId(
html.request.get_unicode_input_mandatory("owner", config.user.id))
if owner_user_id == config.user.id:
page = cls.find_my_page(page_name)
else:
page = cls.find_foreign_page(owner_user_id, page_name)
if page is None:
raise MKUserError(None,
_("The requested %s does not exist") % cls.phrase("title"))
# TODO FIXME: Looks like a hack
cls.remove_instance((owner_user_id, page_name)) # will be added later again
else: # clone
title = cls.phrase("clone")
load_user = html.request.get_unicode_input(
"load_user") # FIXME: Change varname to "owner"
try:
page = cls.instance((load_user, page_name))
except KeyError:
raise MKUserError(None,
_("The requested %s does not exist") % cls.phrase("title"))
page_dict = page.internal_representation()
html.header(title)
html.begin_context_buttons()
html.context_button(_("Back"), back_url, "back")
html.end_context_buttons()
parameters, keys_by_topic = cls._collect_parameters(mode)
vs = Dictionary(
title=_("General Properties"),
render='form',
optional_keys=False,
elements=parameters,
headers=keys_by_topic,
)
def validate(page_dict):
owner_user_id = UserId(html.request.get_unicode_input_mandatory(
"owner", config.user.id))
page_name = page_dict["name"]
if owner_user_id == config.user.id:
page = cls.find_my_page(page_name)
else:
page = cls.find_foreign_page(owner_user_id, page_name)
if page:
raise MKUserError(
"_p_name",
_("You already have an element with the ID <b>%s</b>") % page_dict["name"])
new_page_dict = forms.edit_valuespec(vs,
page_dict,
validate=validate,
focus="_p_title",
method="POST")
if new_page_dict is not None:
# Take over keys from previous value that are specific to the page type
# and not edited here.
if mode in ("edit", "clone"):
for key, value in page_dict.items():
new_page_dict.setdefault(key, value)
owner = UserId(html.request.get_unicode_input_mandatory("owner", config.user.id))
new_page_dict["owner"] = owner
new_page = cls(new_page_dict)
cls.add_page(new_page)
cls.save_user_instances(owner)
if mode == "create":
redirect_url = new_page.after_create_url() or back_url
else:
redirect_url = back_url
html.immediate_browser_redirect(0.5, redirect_url)
html.show_message(_('Your changes haven been saved.'))
# Reload sidebar.TODO: This code logically belongs to PageRenderer. How
# can we simply move it there?
# TODO: This is not true for all cases. e.g. the BookmarkList is not
# of type PageRenderer but has a dedicated sidebar snapin. Maybe
# the best option would be to make a dedicated method to decide whether
# or not to reload the sidebar.
if new_page_dict.get("hidden") in [ None, False ] \
or new_page_dict.get("hidden") != page_dict.get("hidden"):
html.reload_sidebar()
else:
html.show_localization_hint()
html.footer()
return
def _get_start_url() -> str:
default_start_url = config.user.get_attribute("start_url", config.start_url) or config.start_url
if not utils.is_allowed_url(default_start_url):
default_start_url = "dashboard.py"
return html.get_url_input("start_url", default_start_url)
def buttons(self):
back_url = html.get_url_input("back", "")
if back_url:
html.context_button(_("Back"), back_url, "back")
else:
global_buttons()
