mirror of
https://github.com/Combodo/iTop.git
synced 2026-04-24 11:08:45 +02:00
N°3251 - Restore 2.7 behaviour of ExecITopScript (hide passwords from commandline arguments) and allow tests to provide credentials
This commit is contained in:
Eric
@@ -1174,84 +1174,73 @@ class utils
|
||||
* Execute the given iTop PHP script, passing it the current credentials
|
||||
* Only CLI mode is supported, because of the need to hand the credentials over to the next process
|
||||
* Throws an exception if the execution fails or could not be attempted (config issue)
|
||||
* @param string $sScript Name and relative path to the file (relative to the iTop root dir)
|
||||
* @param hash $aArguments Associative array of 'arg' => 'value'
|
||||
* @return array(iCode, array(output lines))
|
||||
*/
|
||||
/**
|
||||
* @param string $sScriptName
|
||||
* @param array $aArguments
|
||||
*
|
||||
* @return array
|
||||
* @param string $sScriptName Name and relative path to the file (relative to the iTop root dir)
|
||||
* @param array $aArguments Associative array of 'arg' => 'value'
|
||||
* @param string|null $sAuthUser
|
||||
* @param string|null $sAuthPwd
|
||||
*
|
||||
* @return array(iCode, array(output lines))
|
||||
*
|
||||
* @throws \ConfigException
|
||||
* @throws \CoreException
|
||||
* @throws \Exception
|
||||
*/
|
||||
public static function ExecITopScript($sScriptName, $aArguments)
|
||||
public static function ExecITopScript(string $sScriptName, array $aArguments, string $sAuthUser = null, string $sAuthPwd = null)
|
||||
{
|
||||
$aDisabled = explode(', ', ini_get('disable_functions'));
|
||||
if (in_array('exec', $aDisabled))
|
||||
{
|
||||
if (in_array('exec', $aDisabled)) {
|
||||
throw new Exception("The PHP exec() function has been disabled on this server");
|
||||
}
|
||||
|
||||
$sPHPExec = trim(self::GetConfig()->Get('php_path'));
|
||||
if (strlen($sPHPExec) == 0)
|
||||
{
|
||||
if (strlen($sPHPExec) == 0) {
|
||||
throw new Exception("The path to php must not be empty. Please set a value for 'php_path' in your configuration file.");
|
||||
}
|
||||
|
||||
if (!isset($aArguments['auth_user'])) {
|
||||
if (is_null($sAuthUser)) {
|
||||
$sAuthUser = self::ReadParam('auth_user', '', 'raw_data');
|
||||
$aArguments['auth_user'] = $sAuthUser;
|
||||
}
|
||||
if (!isset($aArguments['auth_pwd'])) {
|
||||
$sAuthPwd = self::ReadParam('auth_pwd', '', 'raw_data');
|
||||
$aArguments['auth_pwd'] = $sAuthPwd;
|
||||
}
|
||||
if (!isset($aArguments['param_file'])) {
|
||||
$sParamFile = self::ReadParam('param_file', '', 'raw_data');
|
||||
$sParamFile = self::GetParamSourceFile('auth_user');
|
||||
if (is_null($sParamFile)) {
|
||||
$aArguments['auth_user'] = $sAuthUser;
|
||||
$aArguments['auth_pwd'] = $sAuthPwd;
|
||||
} else {
|
||||
$aArguments['param_file'] = $sParamFile;
|
||||
}
|
||||
|
||||
$aArgs = array();
|
||||
foreach($aArguments as $sName => $value)
|
||||
{
|
||||
foreach ($aArguments as $sName => $value) {
|
||||
// Note: See comment from the 23-Apr-2004 03:30 in the PHP documentation
|
||||
// It suggests to rely on pctnl_* function instead of using escapeshellargs
|
||||
$aArgs[] = "--$sName=".escapeshellarg($value);
|
||||
}
|
||||
$sArgs = implode(' ', $aArgs);
|
||||
|
||||
|
||||
$sScript = realpath(APPROOT.$sScriptName);
|
||||
if (!file_exists($sScript))
|
||||
{
|
||||
if (!file_exists($sScript)) {
|
||||
throw new Exception("Could not find the script file '$sScriptName' from the directory '".APPROOT."'");
|
||||
}
|
||||
|
||||
$sCommand = '"'.$sPHPExec.'" '.escapeshellarg($sScript).' -- '.$sArgs;
|
||||
|
||||
if (version_compare(phpversion(), '5.3.0', '<'))
|
||||
{
|
||||
if (substr(PHP_OS,0,3) == 'WIN')
|
||||
{
|
||||
if (version_compare(phpversion(), '5.3.0', '<')) {
|
||||
if (substr(PHP_OS, 0, 3) == 'WIN') {
|
||||
// Under Windows, and for PHP 5.2.x, the whole command has to be quoted
|
||||
// Cf PHP doc: http://php.net/manual/fr/function.exec.php, comment from the 27-Dec-2010
|
||||
$sCommand = '"'.$sCommand.'"';
|
||||
}
|
||||
}
|
||||
|
||||
$sLastLine = exec($sCommand, $aOutput, $iRes);
|
||||
if ($iRes == 1)
|
||||
{
|
||||
exec($sCommand, $aOutput, $iRes);
|
||||
if ($iRes == 1) {
|
||||
throw new Exception(Dict::S('Core:ExecProcess:Code1')." - ".$sCommand);
|
||||
}
|
||||
elseif ($iRes == 255)
|
||||
{
|
||||
} elseif ($iRes == 255) {
|
||||
$sErrors = implode("\n", $aOutput);
|
||||
throw new Exception(Dict::S('Core:ExecProcess:Code255')." - ".$sCommand.":\n".$sErrors);
|
||||
}
|
||||
|
||||
//$aOutput[] = $sCommand;
|
||||
return array($iRes, $aOutput);
|
||||
}
|
||||
|
||||
|
||||
@@ -60,11 +60,8 @@ class DataSynchroTest extends ItopDataTestCase
|
||||
|
||||
protected function ExecSynchroImport($aParams, $bSynchroByHttp)
|
||||
{
|
||||
$aParams['auth_user'] = static::AUTH_USER;
|
||||
$aParams['auth_pwd'] = static::AUTH_PWD;
|
||||
|
||||
if (!$bSynchroByHttp) {
|
||||
return utils::ExecITopScript('synchro/synchro_import.php', $aParams);
|
||||
return utils::ExecITopScript('synchro/synchro_import.php', $aParams, static::AUTH_USER, static::AUTH_PWD);
|
||||
}
|
||||
|
||||
//$aParams['output'] = 'details';
|
||||
|
||||
Reference in New Issue
Block a user