N°4919 New 'Launch setup" in Application Upgrade (#244)

Admin will now be able to re-launch the iTop setup directly from the administration console in the Administration / Application Upgrade screen.
Before the only way to launch setup on an existing iTop instance was to change permissions on the configuration file.

This button will be enabled depending on the isDevEnv (if true it will be displayed) and `setup.launch_button.enabled` new configuration parameter (not present by default ; if set to false will always hide the button, if set to true will always display it, if not set will display button depending on isDevEnv only).

Co-authored-by: Molkobain <lajarige.guillaume@free.fr>

core/config.class.inc.php

@@ -1552,6 +1552,14 @@ class Config
 			'source_of_value' => '',
 			'show_in_conf_sample' => false,
 		],
+		'setup.launch_button.enabled' => [
+			'type'                => 'bool',
+			'description'         => 'If true displays in the Application Upgrade screen a button allowing to launch the setup in a single click (no more manual config file permission change needed)',
+			'default'             => null,
+			'value'               => false,
+			'source_of_value'     => '',
+			'show_in_conf_sample' => false,
+		],
 	];
 
 	public function IsProperty($sPropCode)

datamodels/2.x/itop-config/config.php

@@ -189,14 +189,16 @@ try {
 			$oForm->AddSubBlock(InputUIBlockFactory::MakeForHidden('operation', 'save'));
 			$oForm->AddSubBlock(InputUIBlockFactory::MakeForHidden('transaction_id', utils::GetNewTransactionId()));
 
-			// - Cancel button
+			//--- Cancel button
 			$oCancelButton = ButtonUIBlockFactory::MakeForCancel(Dict::S('config-cancel'), 'cancel_button', null, true, 'cancel_button');
 			$oCancelButton->SetOnClickJsCode("return ResetConfig();");
 			$oForm->AddSubBlock($oCancelButton);
 
-			// - Submit button
+			//--- Submit button
 			$oSubmitButton = ButtonUIBlockFactory::MakeForPrimaryAction(Dict::S('config-apply'), null, Dict::S('config-apply'), true, 'submit_button');
 			$oForm->AddSubBlock($oSubmitButton);
+
+			//--- Config editor
 			$oForm->AddSubBlock(InputUIBlockFactory::MakeForHidden('prev_config', $sOriginalConfigEscaped, 'prev_config'));
 			$oForm->AddSubBlock(InputUIBlockFactory::MakeForHidden('new_config', $sConfigEscaped));
 			$oForm->AddHtml("<div id =\"new_config\" style=\"position: absolute; top: ".$iEditorTopMargin."em; bottom: 0; left: 5px; right: 5px;\"></div>");

datamodels/2.x/itop-core-update/dictionaries/en.dict.itop-core-update.php

@@ -54,6 +54,7 @@ Dict::Add('EN US', 'English', 'English', array(
 
     'iTopUpdate:UI:Status' => 'Status',
     'iTopUpdate:UI:Action' => 'Update',
+    'iTopUpdate:UI:Setup' => ITOP_APPLICATION_SHORT.' Setup',
     'iTopUpdate:UI:History' => 'Versions History',
     'iTopUpdate:UI:Progress' => 'Progress of the upgrade',
 
@@ -81,6 +82,9 @@ Dict::Add('EN US', 'English', 'English', array(
 
 
 
+	'iTopUpdate:UI:SetupLaunch' => 'Launch '.ITOP_APPLICATION_SHORT.' Setup',
+	'iTopUpdate:UI:SetupLaunchConfirm' => 'This will launch '.ITOP_APPLICATION_SHORT.' setup, are you sure?',
+
 	// Setup Messages
     'iTopUpdate:UI:SetupMessage:Ready' => 'Ready to start',
 	'iTopUpdate:UI:SetupMessage:EnterMaintenance' => 'Entering maintenance mode',

datamodels/2.x/itop-core-update/src/Controller/AjaxController.php

@@ -17,6 +17,7 @@ use Dict;
 use Exception;
 use IssueLog;
 use MetaModel;
+use SecurityException;
 use SetupUtils;
 use utils;
 
@@ -211,8 +212,7 @@ class AjaxController extends Controller
 			CoreUpdater::UpdateDatabase();
 			$iResponseCode = 200;
 		}
-		catch (Exception $e)
-		{
+		catch (Exception $e) {
 			IssueLog::Error("Compile: ".$e->getMessage());
 			$aParams['sError'] = $e->getMessage();
 			$iResponseCode = 500;
@@ -220,4 +220,20 @@ class AjaxController extends Controller
 
 		$this->DisplayJSONPage($aParams, $iResponseCode);
 	}
+
+	/**
+	 * @throws \SecurityException if CSRF token invalid
+	 */
+	public function OperationLaunchSetup()
+	{
+		$sTransactionId = utils::ReadParam('transaction_id', '', false, 'transaction_id');
+		if (false === utils::IsTransactionValid($sTransactionId)) {
+			throw new SecurityException('Access forbidden');
+		}
+
+		$sConfigFile = APPCONF.'production/config-itop.php';
+		@chmod($sConfigFile, 0770); // Allow overwriting the file
+
+		header('Location: ../setup/');
+	}
 }

datamodels/2.x/itop-core-update/src/Controller/UpdateController.php

@@ -35,6 +35,25 @@ class UpdateController extends Controller
 		$oSet = new DBObjectSet($oFilter, ['installed' => false]); // Most recent first
 		$aParams['oSet'] = $oSet;
 
+		$oConfig = utils::GetConfig();
+		$bConfigParamSetupLaunchButtonEnabled = $oConfig->Get('setup.launch_button.enabled');
+		if (is_null($bConfigParamSetupLaunchButtonEnabled)) {
+			$bIsSetupLaunchButtonEnabled = utils::IsDevelopmentEnvironment();
+		} else if (false === $bConfigParamSetupLaunchButtonEnabled) {
+			$bIsSetupLaunchButtonEnabled = false;
+		} else {
+			$bIsSetupLaunchButtonEnabled = $bConfigParamSetupLaunchButtonEnabled || utils::IsDevelopmentEnvironment();
+		}
+		$aParams['bIsSetupLaunchButtonEnabled'] = $bIsSetupLaunchButtonEnabled;
+		if ($bIsSetupLaunchButtonEnabled) {
+			$sLaunchSetupUrl = utils::GetAbsoluteUrlModulePage('itop-core-update', 'ajax.php',
+				[
+					'operation'      => 'LaunchSetup',
+					'transaction_id' => $sTransactionId,
+				]);;
+			$aParams['sLaunchSetupUrl'] = $sLaunchSetupUrl;
+		}
+
 		$this->DisplayPage($aParams);
 	}
 

datamodels/2.x/itop-core-update/view/SelectUpdateFile.html.twig

@@ -87,6 +87,14 @@
 
         {% EndUIFieldSet %}
 
+    {% if bIsSetupLaunchButtonEnabled %}
+        {% UIFieldSet Standard {'sLegend':'iTopUpdate:UI:Setup'|dict_s} %}
+            {% UIForm Standard {'sId':'launch-setup-form', Action:sLaunchSetupUrl} %}
+                {% UIButton ForDestructiveAction {'sLabel':'iTopUpdate:UI:SetupLaunch'|dict_s, 'sName':'launch-setup', 'sValue':'launch-setup', 'bIsSubmit':true, 'sId':'launch-setup'} %}
+            {% EndUIForm %}
+        {% EndUIFieldSet %}
+    {% endif %}
+
         {% UIFieldSet Standard {'sLegend':'iTopUpdate:UI:History'|dict_s} %}
             {% UIDataTable ForRendering {'sListId':'iboupdatehistory', 'oSet':oSet} %}{% EndUIDataTable %}
         {% EndUIFieldSet %}

datamodels/2.x/itop-core-update/view/SelectUpdateFile.ready.js.twig

@@ -101,3 +101,7 @@ $("#check-update").on("click", function(e) {
     e.stopPropagation();
     return false;
 });
+
+$("#launch-setup-form").on("submit", function () {
+    return window.confirm("{{ 'iTopUpdate:UI:SetupLaunchConfirm'|dict_s }}");
+});

index.php

@@ -25,9 +25,11 @@ if (file_exists(dirname(__FILE__).'/'.$sConfigFile))
 		}
 		else
 		{
-			echo "<p><b>Security Warning</b>: the configuration file '$sConfigFile' should be read-only.</p>";
-			echo "<p>Please modify the access rights to this file.</p>";
-			echo "<p>Click <a href=\"$sStartPage\">here</a> to ignore this warning and continue to run iTop.</p>";
+			echo <<<HTML
+<p><b>Security Warning</b>: the configuration file '{$sConfigFile}' should be read-only.</p>
+<p>Please modify the access rights to this file.</p>
+<p>Click <a href="{$sStartPage}">here</a> to ignore this warning and continue to run iTop.</p>
+HTML;
 		}
 	}
 	else

setup/wizardcontroller.class.inc.php

@@ -182,7 +182,12 @@ class WizardController
 					$oP->add("<h2>Fatal error</h2>\n");
 					$oP->error("<b>Error:</b> the configuration file '".$sRelativePath."' already exists and cannot be overwritten.");
 					$oP->p("The wizard cannot modify the configuration file for you. If you want to upgrade ".ITOP_APPLICATION.", make sure that the file '<b>".$sRelativePath."</b>' can be modified by the web server.");
-					$oP->p('<button type="button" class="ibo-button ibo-is-regular ibo-is-primary" onclick="window.location.reload()">Reload</button>');
+
+					$sButtonsHtml = <<<HTML
+<button type="button" class="ibo-button ibo-is-regular ibo-is-primary" onclick="window.location.reload()">Reload</button>
+HTML;
+					$oP->p($sButtonsHtml);
+
 					$oP->output();
 					// Prevent token creation
 					exit;