Merge remote-tracking branch 'origin/support/3.2' into develop

datamodels/2.x/itop-config/datamodel.itop-config.xml

@@ -1,9 +1,9 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <itop_design xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="3.2">
   <menus>
-    <menu id="ConfigEditor" xsi:type="WebPageMenuNode" _delta="define">
+    <menu id="ConfigFileEditor" xsi:type="WebPageMenuNode" _delta="define">
       <rank>10</rank>
-      <parent>ConfigurationTools</parent>
+      <parent>ConfigEditor</parent>
       <url>config.php</url>
       <enable_admin_only>1</enable_admin_only>
     </menu>

datamodels/2.x/itop-config/dictionaries/en.dict.itop-config.php

@@ -23,7 +23,7 @@
 
 Dict::Add('EN US', 'English', 'English', array(
 
-	'Menu:ConfigEditor' => 'General configuration',
+	'Menu:ConfigFileEditor' => 'Plain text editor',
 	'config-edit-title' => 'Configuration File Editor',
 	'config-edit-intro' => 'Be very cautious when editing the configuration file.',
 	'config-apply' => 'Apply',

datamodels/2.x/itop-config/dictionaries/fr.dict.itop-config.php

@@ -10,7 +10,7 @@
  *
  */
 Dict::Add('FR FR', 'French', 'Français', [
-	'Menu:ConfigEditor' => 'Configuration générale',
+	'Menu:ConfigFileEditor' => 'Éditeur de texte brut',
 	'config-apply' => 'Enregistrer',
 	'config-apply-title' => 'Enregistrer (Ctrl+S)',
 	'config-cancel' => 'Annuler (restaurer)',

datamodels/2.x/itop-portal-base/portal/config/bootstrap.php

@@ -41,16 +41,11 @@ if (!defined('MODULESROOT'))
 	require_once APPROOT.'/application/startup.inc.php';
 }
 
-// Load cached env vars if the .env.local.php file exists
-// Run "composer dump-env prod" to create it (requires symfony/flex >=1.2)
-if (file_exists(dirname(__DIR__).'/.env.local.php')) {
-	if (is_array($sEnv = @include dirname(__DIR__).'/.env.local.php')) {
-		$_ENV += $sEnv;
-	}
-} elseif (!class_exists(Dotenv::class)) {
+// Load cached env vars if the .env.local file exists
+if (!class_exists(Dotenv::class)) {
 	throw new RuntimeException('Please run "composer require symfony/dotenv" to load the ".env" files configuring the application.');
 } else {
-	$sPath = dirname(__DIR__).'/.env';
+	$sPath = file_exists(dirname(__DIR__).'/.env.local') ? dirname(__DIR__).'/.env.local' : dirname(__DIR__).'/.env';
 	$oDotenv = new Dotenv();
 	$oDotenv->usePutenv();
 

datamodels/2.x/itop-portal-base/portal/src/Form/ObjectFormManager.php

@@ -1148,7 +1148,7 @@ class ObjectFormManager extends FormManager
 			{
 				$this->oObject->DBWrite();
 			} catch (CoreCannotSaveObjectException $e) {
-				throw new Exception($e->getHtmlMessage());
+				throw new Exception($e->getTextMessage());
 			} catch (InvalidExternalKeyValueException $e) {
 				ExceptionLog::LogException($e, $e->getContextData());
 				$bExceptionLogged = true;
@@ -1224,7 +1224,7 @@ class ObjectFormManager extends FormManager
 		}
 		catch (CoreCannotSaveObjectException $e) {
 			$aData['valid'] = false;
-			$aData['messages']['error'] += array('_main' => array($e->getHtmlMessage()));
+			$aData['messages']['error'] += array('_main' => array($e->getTextMessage()));
 			if (false === $bExceptionLogged) {
 				IssueLog::Error(__METHOD__.' at line '.__LINE__.' : '.$e->getMessage());
 			}
@@ -1232,7 +1232,7 @@ class ObjectFormManager extends FormManager
 		catch (Exception $e) {
 			$aData['valid'] = false;
 			$aData['messages']['error'] += [
-				'_main' => [ ($e instanceof CoreCannotSaveObjectException) ? $e->getHtmlMessage() : $e->getMessage()]
+				'_main' => [ ($e instanceof CoreCannotSaveObjectException) ? $e->getTextMessage() : $e->getMessage()]
 			];
 			if (false === $bExceptionLogged) {
 				IssueLog::Error(__METHOD__.' at line '.__LINE__.' : '.$e->getMessage());

datamodels/2.x/itop-portal-base/portal/src/Helper/ContextManipulatorHelper.php

@@ -13,6 +13,7 @@ use CorePortalInvalidActionRuleException;
 use DBObject;
 use DBObjectSearch;
 use DBObjectSet;
+use DBProperty;
 use DBSearch;
 use DeprecatedCallsLog;
 use DOMFormatException;
@@ -20,8 +21,10 @@ use DOMNodeList;
 use Exception;
 use FieldExpression;
 use IssueLog;
+use MetaModel;
 use ModuleDesign;
 use ScalarExpression;
+use SimpleCrypt;
 use Symfony\Component\Routing\RouterInterface;
 use TrueExpression;
 use UserRights;
@@ -49,6 +52,8 @@ class ContextManipulatorHelper
 	/** @var string DEFAULT_RULE_CALLBACK_OPEN */
 	const DEFAULT_RULE_CALLBACK_OPEN = self::ENUM_RULE_CALLBACK_OPEN_VIEW;
 
+	const PRIVATE_KEY = 'portal-priv-key';
+
 	/** @var array $aRules */
 	protected $aRules;
 	/** @var \Symfony\Component\Routing\RouterInterface */
@@ -524,8 +529,11 @@ class ContextManipulatorHelper
 	 */
 	public static function EncodeRulesToken($aTokenRules)
 	{
-		// Returning tokenised data
-		return base64_encode(json_encode($aTokenRules));
+		$aTokenRules['salt'] = base64_encode(random_bytes(8));
+
+		$sPPrivateKey = self::GetPrivateKey();
+		$oCrypt = new SimpleCrypt(MetaModel::GetConfig()->GetEncryptionLibrary());
+		return base64_encode($oCrypt->Encrypt($sPPrivateKey, json_encode($aTokenRules)));
 	}
 
 	/**
@@ -549,9 +557,41 @@ class ContextManipulatorHelper
 	 * @param string $sToken
 	 *
 	 * @return array
+	 * @throws \CoreException
+	 * @throws \CoreUnexpectedValue
+	 * @throws \MySQLException
+	 * @throws \OQLException
 	 */
 	public static function DecodeRulesToken($sToken)
 	{
-		return json_decode(base64_decode($sToken), true);
+		$sPrivateKey = self::GetPrivateKey();
+		$oCrypt = new SimpleCrypt(MetaModel::GetConfig()->GetEncryptionLibrary());
+		$sDecryptedToken = $oCrypt->Decrypt($sPrivateKey, base64_decode($sToken));
+
+		$aTokenRules = json_decode($sDecryptedToken, true);
+		if (!is_array($aTokenRules))
+		{
+			throw new Exception('DecodeRulesToken not a proper json structure.');
+		}
+
+		return $aTokenRules;
+	}
+
+
+	/**
+	 * @return string
+	 * @throws \CoreException
+	 * @throws \CoreUnexpectedValue
+	 * @throws \MySQLException
+	 */
+	private static function GetPrivateKey()
+	{
+		$sPrivateKey = DBProperty::GetProperty(self::PRIVATE_KEY);
+		if (is_null($sPrivateKey)) {
+			$sPrivateKey = bin2hex(random_bytes(32));
+			DBProperty::SetProperty(self::PRIVATE_KEY, $sPrivateKey);
+		}
+
+		return $sPrivateKey;
 	}
 }