mirror of
https://github.com/Combodo/iTop.git
synced 2026-02-13 07:24:13 +01:00
Merge remote-tracking branch 'origin/support/2.5'
# Conflicts: # datamodels/2.x/itop-backup/module.itop-backup.php # setup/setup.js # setup/wizardsteps.class.inc.php
This commit is contained in:
Pierre Goiffon
@@ -47,31 +47,14 @@ class DBBackupScheduled extends DBBackup
|
||||
{
|
||||
protected function LogInfo($sMsg)
|
||||
{
|
||||
static $bDebug = null;
|
||||
if ($bDebug == null)
|
||||
{
|
||||
$bDebug = MetaModel::GetConfig()->GetModuleSetting('itop-backup', 'debug', false);
|
||||
}
|
||||
|
||||
if ($bDebug)
|
||||
{
|
||||
echo $sMsg."\n";
|
||||
}
|
||||
echo $sMsg."\n";
|
||||
IssueLog::Info($sMsg);
|
||||
}
|
||||
|
||||
protected function LogError($sMsg)
|
||||
{
|
||||
static $bDebug = null;
|
||||
if ($bDebug == null)
|
||||
{
|
||||
$bDebug = MetaModel::GetConfig()->GetModuleSetting('itop-backup', 'debug', false);
|
||||
}
|
||||
|
||||
IssueLog::Error($sMsg);
|
||||
if ($bDebug)
|
||||
{
|
||||
echo 'Error: '.$sMsg."\n";
|
||||
}
|
||||
echo 'Error: '.$sMsg."\n";
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -52,7 +52,7 @@ SetupWebPage::AddModule(
|
||||
//'file_name_format' => '__DB__-%Y-%m-%d_%H_%M',
|
||||
'retention_count' => 5,
|
||||
'enabled' => true,
|
||||
'debug' => false,
|
||||
'itop_root' => '',
|
||||
'itop_backup_incident' => '',
|
||||
),
|
||||
)
|
||||
|
||||
@@ -147,9 +147,11 @@ header("Expires: Fri, 17 Jul 1970 05:00:00 GMT"); // Date in the past
|
||||
$sOperation = Utils::ReadParam('operation', '');
|
||||
try
|
||||
{
|
||||
if (is_file(utils::GetConfigFilePath()) && !is_writable(utils::GetConfigFilePath()))
|
||||
$sAuthent = utils::ReadParam('authent', '', false, 'raw_data');
|
||||
if (!file_exists(APPROOT.'data/setup/authent') || $sAuthent !== file_get_contents(APPROOT.'data/setup/authent'))
|
||||
{
|
||||
throw new Exception('Setup operations are not allowed outside of the setup');
|
||||
throw new SecurityException('Setup operations are not allowed outside of the setup');
|
||||
SetupPage::log_error("Setup operations are not allowed outside of the setup");
|
||||
}
|
||||
|
||||
switch($sOperation)
|
||||
|
||||
@@ -313,8 +313,11 @@ if (class_exists('ZipArchive')) // The setup must be able to start even if the "
|
||||
$sTmpFolder = APPROOT.'data/tmp-backup-'.rand(10000, getrandmax());
|
||||
$aFiles = $this->PrepareFilesToBackup($sSourceConfigFile, $sTmpFolder);
|
||||
|
||||
$sFilesList = var_export($aFiles, true);
|
||||
$this->LogInfo("backup: adding to archive files '$sFilesList'");
|
||||
$oArchive->createModify($aFiles, '', $sTmpFolder);
|
||||
|
||||
$this->LogInfo("backup: removing tmp folder '$sTmpFolder'");
|
||||
SetupUtils::rrmdir($sTmpFolder);
|
||||
}
|
||||
|
||||
@@ -334,6 +337,7 @@ if (class_exists('ZipArchive')) // The setup must be able to start even if the "
|
||||
{
|
||||
SetupUtils::rrmdir($sTmpFolder);
|
||||
}
|
||||
$this->LogInfo("backup: creating tmp dir '$sTmpFolder'");
|
||||
@mkdir($sTmpFolder, 0777, true);
|
||||
if (is_null($sSourceConfigFile))
|
||||
{
|
||||
@@ -342,6 +346,7 @@ if (class_exists('ZipArchive')) // The setup must be able to start even if the "
|
||||
if (!empty($sSourceConfigFile))
|
||||
{
|
||||
$sFile = $sTmpFolder.'/config-itop.php';
|
||||
$this->LogInfo("backup: adding resource '$sSourceConfigFile'");
|
||||
copy($sSourceConfigFile, $sFile);
|
||||
$aRet[] = $sFile;
|
||||
}
|
||||
@@ -350,6 +355,7 @@ if (class_exists('ZipArchive')) // The setup must be able to start even if the "
|
||||
if (file_exists($sDeltaFile))
|
||||
{
|
||||
$sFile = $sTmpFolder.'/delta.xml';
|
||||
$this->LogInfo("backup: adding resource '$sDeltaFile'");
|
||||
copy($sDeltaFile, $sFile);
|
||||
$aRet[] = $sFile;
|
||||
}
|
||||
@@ -358,6 +364,7 @@ if (class_exists('ZipArchive')) // The setup must be able to start even if the "
|
||||
{
|
||||
$sModules = utils::GetCurrentEnvironment().'-modules';
|
||||
$sFile = $sTmpFolder.'/'.$sModules;
|
||||
$this->LogInfo("backup: adding resource '$sExtraDir'");
|
||||
SetupUtils::copydir($sExtraDir, $sFile);
|
||||
$aRet[] = $sFile;
|
||||
}
|
||||
@@ -434,7 +441,7 @@ if (class_exists('ZipArchive')) // The setup must be able to start even if the "
|
||||
$sCommandDisplay = "$sMySQLDump --opt --skip-lock-tables --default-character-set=".$sMysqldumpCharset." --add-drop-database --single-transaction --host=$sHost $sPortOption --user=xxxxx --password=xxxxx $sTlsOptions --result-file=$sTmpFileName $sDBName $sTables";
|
||||
|
||||
// Now run the command for real
|
||||
$this->LogInfo("Executing command: $sCommandDisplay");
|
||||
$this->LogInfo("backup: generate data file with command: $sCommandDisplay");
|
||||
$aOutput = array();
|
||||
$iRetCode = 0;
|
||||
exec($sCommand, $aOutput, $iRetCode);
|
||||
|
||||
@@ -2,8 +2,9 @@ function WizardAsyncAction(sActionCode, oParams, OnErrorFunction)
|
||||
{
|
||||
var sStepClass = $('#_class').val();
|
||||
var sStepState = $('#_state').val();
|
||||
var sAuthent = $('#authent_token').val();
|
||||
|
||||
var oMap = { operation: 'async_action', step_class: sStepClass, step_state: sStepState, code: sActionCode, params: oParams };
|
||||
var oMap = { operation: 'async_action', step_class: sStepClass, step_state: sStepState, code: sActionCode, authent : sAuthent, params: oParams };
|
||||
|
||||
var ErrorFn = OnErrorFunction;
|
||||
$(document).ajaxError(function(event, request, settings) {
|
||||
|
||||
@@ -1214,7 +1214,7 @@ class ArchiveTar
|
||||
$iBufferLen = strlen("$v_buffer");
|
||||
if ($iBufferLen != $iLen)
|
||||
{
|
||||
$iPack = ((int)($iBufferLen / 512) + 1) * 512;
|
||||
$iPack = (ceil($iBufferLen / 512)) * 512;
|
||||
$sPack = sprintf('a%d', $iPack);
|
||||
}
|
||||
else
|
||||
|
||||
@@ -57,6 +57,13 @@ class WizStepWelcome extends WizardStep
|
||||
|
||||
public function ProcessParams($bMoveForward = true)
|
||||
{
|
||||
if (!file_exists(APPROOT.'data/setup'))
|
||||
{
|
||||
mkdir(APPROOT.'data/setup');
|
||||
}
|
||||
$sUID = hash('sha256', rand());
|
||||
file_put_contents(APPROOT.'data/setup/authent', $sUID);
|
||||
$this->oWizard->SetParameter('authent', $sUID);
|
||||
return array('class' => 'WizStepInstallOrUpgrade', 'state' => '');
|
||||
}
|
||||
|
||||
@@ -284,6 +291,8 @@ class WizStepInstallOrUpgrade extends WizardStep
|
||||
$oPage->add('<tr><td colspan="2">');
|
||||
$oPage->add($sMySQLDumpMessage.'<br/><span id="backup_info" style="font-size:small;color:#696969;">'.$sMessage.'</span></td></tr>');
|
||||
$oPage->add('</table>');
|
||||
$sAuthentToken = $this->oWizard->GetParameter('authent', '');
|
||||
$oPage->add('<input type="hidden" id="authent_token" value="'.$sAuthentToken.'"/>');
|
||||
//$oPage->add('</fieldset>');
|
||||
$oPage->add_ready_script(
|
||||
<<<EOF
|
||||
@@ -802,6 +811,8 @@ class WizStepDBParams extends WizardStep
|
||||
$oPage->add('<table>');
|
||||
SetupUtils::DisplayDBParameters($oPage, true, $sDBServer, $sDBUser, $sDBPwd, $sDBName, $sDBPrefix, $sTlsEnabled,
|
||||
$sTlsCA, $sNewDBName);
|
||||
$sAuthentToken = $this->oWizard->GetParameter('authent', '');
|
||||
$oPage->add('<input type="hidden" id="authent_token" value="'.$sAuthentToken.'"/>');
|
||||
$oPage->add('</table>');
|
||||
$sCreateDB = $this->oWizard->GetParameter('create_db', 'yes');
|
||||
if ($sCreateDB == 'no')
|
||||
@@ -996,6 +1007,8 @@ class WizStepMiscParams extends WizardStep
|
||||
$sChecked = ($sSampleData == 'no') ? 'checked ' : '';
|
||||
$oPage->p('<input id="sample_data_no" name="sample_data" type="radio" value="no" '.$sChecked.'><label for="sample_data_no"> I am installing a <b>production</b> instance, create an empty database to start from.');
|
||||
$oPage->add('</fieldset>');
|
||||
$sAuthentToken = $this->oWizard->GetParameter('authent', '');
|
||||
$oPage->add('<input type="hidden" id="authent_token" value="'.$sAuthentToken.'"/>');
|
||||
$oPage->add_ready_script(
|
||||
<<<EOF
|
||||
$('#application_url').bind('change keyup', function() { WizardUpdateButtons(); } );
|
||||
@@ -2239,7 +2252,10 @@ EOF
|
||||
|
||||
$sJSONData = json_encode($aInstallParams);
|
||||
$oPage->add('<input type="hidden" id="installer_parameters" value="'.htmlentities($sJSONData, ENT_QUOTES, 'UTF-8').'"/>');
|
||||
|
||||
|
||||
$sAuthentToken = $this->oWizard->GetParameter('authent', '');
|
||||
$oPage->add('<input type="hidden" id="authent_token" value="'.$sAuthentToken.'"/>');
|
||||
|
||||
if (!$this->CheckDependencies())
|
||||
{
|
||||
$oPage->error($this->sDependencyIssue);
|
||||
@@ -2494,14 +2510,14 @@ class WizStepDone extends WizardStep
|
||||
$oPage->ok("The installation completed successfully.");
|
||||
}
|
||||
|
||||
if (($this->oWizard->GetParameter('mode', '') == 'upgrade') && $this->oWizard->GetParameter('db_backup', false))
|
||||
if (($this->oWizard->GetParameter('mode', '') == 'upgrade') && $this->oWizard->GetParameter('db_backup', false) && $this->oWizard->GetParameter('authent', false))
|
||||
{
|
||||
$sBackupDestination = $this->oWizard->GetParameter('db_backup_path', '');
|
||||
if (file_exists($sBackupDestination.'.tar.gz'))
|
||||
{
|
||||
// To mitigate security risks: pass only the filename without the extension, the download will add the extension itself
|
||||
$oPage->p('Your backup is ready');
|
||||
$oPage->p('<a style="background:transparent;" href="'.utils::GetAbsoluteUrlAppRoot().'setup/ajax.dataloader.php?operation=async_action&step_class=WizStepDone¶ms[backup]='.urlencode($sBackupDestination).'" target="_blank"><img src="../images/tar.png" style="border:0;vertical-align:middle;"> Download '.basename($sBackupDestination).'</a>');
|
||||
$oPage->p('<a style="background:transparent;" href="'.utils::GetAbsoluteUrlAppRoot().'setup/ajax.dataloader.php?operation=async_action&step_class=WizStepDone¶ms[backup]='.urlencode($sBackupDestination).'&authent='.$this->oWizard->GetParameter('authent','').'" target="_blank"><img src="../images/tar.png" style="border:0;vertical-align:middle;"> Download '.basename($sBackupDestination).'</a>');
|
||||
}
|
||||
else
|
||||
{
|
||||
|
||||
Reference in New Issue
Block a user