From 3647291475f6231abbe278af5e78477c3715a01a Mon Sep 17 00:00:00 2001
From: Stephen Abello <stephen.abello@combodo.com>
Date: Mon, 2 Oct 2023 15:06:17 +0200
Subject: [PATCH 1/4] =?UTF-8?q?N=C2=B06778=20-=20Security=20hardening?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 pages/ajax.render.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/pages/ajax.render.php b/pages/ajax.render.php
index 4c9e298d34..3c64fa2e58 100644
--- a/pages/ajax.render.php
+++ b/pages/ajax.render.php
@@ -1250,12 +1250,13 @@ EOF
 					'base/layouts/navigation-menu/menu-node'
 				);
 
+				$MenuNameEscaped = utils::HtmlEntities($aValues['name']);
 				// Important: Mind the back ticks to avoid line breaks to break the JS
 				$oPage->add_script(<<<JS
 $('body').trigger('add_shortcut_node.navigation_menu.itop', {
 	parent_menu_node_id: '{$sMenuGroupId}',
 	new_menu_node_html_rendering: `{$sHtml}`,
-	new_menu_name: `{$aValues['name']}`
+	new_menu_name: `{$MenuNameEscaped}`
 });
 JS
 				);

From ba13d24206a2d4e3ee1e1fbddbca17a8b9eda215 Mon Sep 17 00:00:00 2001
From: vdumas <vincent.dumas@combodo.com>
Date: Thu, 5 Oct 2023 18:06:55 +0200
Subject: [PATCH 2/4] =?UTF-8?q?N=C2=B06814=20-=20Datamodel=20remove=20lnkC?=
 =?UTF-8?q?onnectableCIToNetworkDevice=20uniqueness=20rule?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../itop-config-mgmt/datamodel.itop-config-mgmt.xml  | 12 +-----------
 1 file changed, 1 insertion(+), 11 deletions(-)

diff --git a/datamodels/2.x/itop-config-mgmt/datamodel.itop-config-mgmt.xml b/datamodels/2.x/itop-config-mgmt/datamodel.itop-config-mgmt.xml
index 543f62c3c1..2e42e2e1cb 100755
--- a/datamodels/2.x/itop-config-mgmt/datamodel.itop-config-mgmt.xml
+++ b/datamodels/2.x/itop-config-mgmt/datamodel.itop-config-mgmt.xml
@@ -6354,17 +6354,7 @@
             <attribute id="connectableci_id"/>
           </attributes>
         </reconciliation>
-        <uniqueness_rules>
-          <rule id="no_duplicate">
-            <attributes>
-              <attribute id="networkdevice_id"/>
-              <attribute id="connectableci_id"/>
-            </attributes>
-            <filter><![CDATA[]]></filter>
-            <disabled>false</disabled>
-            <is_blocking>true</is_blocking>
-          </rule>
-        </uniqueness_rules>
+        <uniqueness_rules/>
       </properties>
       <fields>
         <field id="networkdevice_id" xsi:type="AttributeExternalKey">

From ba8f18e1d4b3130e40ef0dd6d817c43bcf4814b6 Mon Sep 17 00:00:00 2001
From: vdumas <vincent.dumas@combodo.com>
Date: Thu, 5 Oct 2023 18:08:03 +0200
Subject: [PATCH 3/4] =?UTF-8?q?N=C2=B06815=20-=20DataModel=20:=20wrong=20a?=
 =?UTF-8?q?ttribute=20type=20for=20SLA.customercontracts=5Flist?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../datamodel.itop-service-mgmt-provider.xml  | 39 ++-----------------
 1 file changed, 3 insertions(+), 36 deletions(-)

diff --git a/datamodels/2.x/itop-service-mgmt-provider/datamodel.itop-service-mgmt-provider.xml b/datamodels/2.x/itop-service-mgmt-provider/datamodel.itop-service-mgmt-provider.xml
index 7be80fb6b6..ac6ee08828 100755
--- a/datamodels/2.x/itop-service-mgmt-provider/datamodel.itop-service-mgmt-provider.xml
+++ b/datamodels/2.x/itop-service-mgmt-provider/datamodel.itop-service-mgmt-provider.xml
@@ -1748,48 +1748,15 @@ public function PrefillSearchForm(&$aContextParam)
           <ext_key_to_remote>slt_id</ext_key_to_remote>
           <duplicates/>
         </field>
-        <field id="customercontracts_list" xsi:type="AttributeLinkedSetIndirect">
+        <field id="customercontracts_list" xsi:type="AttributeLinkedSet">
           <linked_class>lnkCustomerContractToService</linked_class>
           <ext_key_to_me>sla_id</ext_key_to_me>
           <count_min>0</count_min>
           <count_max>0</count_max>
-          <ext_key_to_remote>customercontract_id</ext_key_to_remote>
-          <duplicates>true</duplicates>
+          <edit_mode>none</edit_mode>
         </field>
       </fields>
-      <methods>
-        <method id="DoCheckToWrite">
-          <static>false</static>
-          <access>public</access>
-          <code><![CDATA[
-					public function DoCheckToWrite()
-	{
-		parent::DoCheckToWrite();
-
-		$aCustomerContracts = $this->Get("customercontracts_list");
-		foreach ($aCustomerContracts as $sAttCode => $oCustomerContracts)
-		{
-			// Recurse inside the subdirectories
-			$sOql = "SELECT lnkCustomerContractToService AS ccs WHERE ccs.customercontract_id=:customercontract_id AND ccs.service_id=:service_id";
-			$aQueryParams['customercontract_id'] = $oCustomerContracts->Get("customercontract_id");
-			$aQueryParams['service_id'] = $oCustomerContracts->Get("service_id");
-			if ($this->Get("id") != null)
-			{
-				$sOql = $sOql." AND ccs.sla_id!=:sla_id";
-				$aQueryParams['sla_id'] = $this->Get("id");
-			}
-			$oQuery = DBSearch::FromOQL($sOql, $aQueryParams);
-			$oResultSql = new DBObjectSet($oQuery);
-			$oResultSql->OptimizeColumnLoad(['ccs' => ['customercontract_name','service_name']]);
-			if ($aCurrentRow = $oResultSql->Fetch())
-			{
-				$this->m_aCheckIssues[] = Dict::Format('Class:SLA/Error:UniqueLnkCustomerContractToService',$aCurrentRow->Get('customercontract_name'),$aCurrentRow->Get('service_name'));
-			}
-		}
-	}
-			     ]]></code>
-        </method>
-      </methods>
+      <methods/>
       <presentation>
         <details>
           <items>

From 4267f2b8552007447429348e20c7b695011c1ab7 Mon Sep 17 00:00:00 2001
From: Eric Espie <eric.espie@combodo.com>
Date: Fri, 6 Oct 2023 09:53:26 +0200
Subject: [PATCH 4/4] =?UTF-8?q?N=C2=B06747=20-=20Customizing=20UserLDAP,?=
 =?UTF-8?q?=20generates=20presentation=20error=20messages=20in=20Designer?=
 =?UTF-8?q?=20during=20MTP?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../authent-ldap/datamodel.authent-ldap.xml   | 22 +++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/datamodels/2.x/authent-ldap/datamodel.authent-ldap.xml b/datamodels/2.x/authent-ldap/datamodel.authent-ldap.xml
index a9d0ed9289..b099a378f8 100644
--- a/datamodels/2.x/authent-ldap/datamodel.authent-ldap.xml
+++ b/datamodels/2.x/authent-ldap/datamodel.authent-ldap.xml
@@ -355,4 +355,26 @@
       </presentation>
     </class>
   </classes>
+  <meta>
+    <classes>
+      <class id="UserInternal" _delta="define_if_not_exists">
+        <fields>
+          <field id="contactid" xsi:type="AttributeExternalKey">
+            <target_class>Contact</target_class>
+          </field>
+          <field id="first_name" xsi:type="AttributeExternalField"/>
+          <field id="last_name" xsi:type="AttributeExternalField"/>
+          <field id="status" xsi:type="AttributeEnum"/>
+          <field id="org_id" xsi:type="AttributeExternalField"/>
+          <field id="email" xsi:type="AttributeExternalField"/>
+          <field id="login" xsi:type="AttributeString"/>
+          <field id="language" xsi:type="AttributeApplicationLanguage"/>
+          <field id="status" xsi:type="AttributeEnum"/>
+          <field id="allowed_org_list" xsi:type="AttributeLinkedSetIndirect"/>
+          <field id="profile_list" xsi:type="AttributeLinkedSetIndirect"/>
+          <field id="log" xsi:type="AttributeCaseLog"/>
+        </fields>
+      </class>
+    </classes>
+  </meta>
 </itop_design>