From cc3e6d64e18c0a2c12d4237f04bfed5a6b1201dd Mon Sep 17 00:00:00 2001 From: Eric Date: Thu, 16 Jan 2020 10:49:49 +0100 Subject: [PATCH] =?UTF-8?q?N=C2=B02249=20-=20Supportability=20-=20Updater?= =?UTF-8?q?=20module=20(Allow=20to=20run=20setup=20in=20case=20of=20failur?= =?UTF-8?q?e)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../itop-core-update/en.dict.itop-core-update.php | 1 + .../itop-core-update/fr.dict.itop-core-update.php | 3 ++- .../src/Controller/AjaxController.php | 8 ++++++++ .../src/Controller/UpdateController.php | 9 +++++++++ .../view/UpdateCoreFiles.html.twig | 5 +++++ .../view/UpdateCoreFiles.ready.js.twig | 2 +- index.php | 15 ++++++++++++--- setup/index.php | 2 -- setup/setuputils.class.inc.php | 11 +++++++++-- setup/wizardcontroller.class.inc.php | 5 ++++- 10 files changed, 51 insertions(+), 10 deletions(-) diff --git a/datamodels/2.x/itop-core-update/en.dict.itop-core-update.php b/datamodels/2.x/itop-core-update/en.dict.itop-core-update.php index ea7b476ed..9ade914f1 100644 --- a/datamodels/2.x/itop-core-update/en.dict.itop-core-update.php +++ b/datamodels/2.x/itop-core-update/en.dict.itop-core-update.php @@ -35,6 +35,7 @@ Dict::Add('EN US', 'English', 'English', array( 'iTopUpdate:UI:Back' => 'Back', 'iTopUpdate:UI:Cancel' => 'Cancel', 'iTopUpdate:UI:Continue' => 'Continue', + 'iTopUpdate:UI:RunSetup' => 'Run Setup', 'iTopUpdate:UI:WithDBBackup' => 'Database backup', 'iTopUpdate:UI:WithFilesBackup' => 'Application files backup', 'iTopUpdate:UI:WithoutBackup' => 'No backup is planned', diff --git a/datamodels/2.x/itop-core-update/fr.dict.itop-core-update.php b/datamodels/2.x/itop-core-update/fr.dict.itop-core-update.php index 34f187d20..632c05bbe 100644 --- a/datamodels/2.x/itop-core-update/fr.dict.itop-core-update.php +++ b/datamodels/2.x/itop-core-update/fr.dict.itop-core-update.php @@ -35,7 +35,8 @@ Dict::Add('FR FR', 'French', 'Français', array( 'iTopUpdate:UI:Back' => 'Annuler', 'iTopUpdate:UI:Cancel' => 'Annuler', 'iTopUpdate:UI:Continue' => 'Continuer', - 'iTopUpdate:UI:WithDBBackup' => 'Sauvegarde de la base de données', + 'iTopUpdate:UI:RunSetup' => 'Lancer le Setup', + 'iTopUpdate:UI:WithDBBackup' => 'Sauvegarde de la base de données', 'iTopUpdate:UI:WithFilesBackup' => 'Archive des fichiers de l\'application', 'iTopUpdate:UI:WithoutBackup' => 'Pas de sauvegarde', 'iTopUpdate:UI:Backup' => 'Sauvegarde effectuée avant la mise à jour', diff --git a/datamodels/2.x/itop-core-update/src/Controller/AjaxController.php b/datamodels/2.x/itop-core-update/src/Controller/AjaxController.php index 0214781a5..736947708 100644 --- a/datamodels/2.x/itop-core-update/src/Controller/AjaxController.php +++ b/datamodels/2.x/itop-core-update/src/Controller/AjaxController.php @@ -79,6 +79,7 @@ class AjaxController extends Controller $aParams = array(); try { + SetupUtils::CheckSetupToken(); SetupUtils::EnterReadOnlyMode(MetaModel::GetConfig()); $iResponseCode = 200; } catch (Exception $e) @@ -95,6 +96,7 @@ class AjaxController extends Controller $aParams = array(); try { + SetupUtils::CheckSetupToken(true); SetupUtils::ExitReadOnlyMode(); $iResponseCode = 200; } catch (Exception $e) @@ -111,6 +113,7 @@ class AjaxController extends Controller $aParams = array(); try { + SetupUtils::CheckSetupToken(); CoreUpdater::Backup(); $iResponseCode = 200; } catch (Exception $e) @@ -127,6 +130,7 @@ class AjaxController extends Controller $aParams = array(); try { + SetupUtils::CheckSetupToken(); CoreUpdater::CreateItopArchive(); $iResponseCode = 200; } catch (Exception $e) @@ -143,6 +147,7 @@ class AjaxController extends Controller $aParams = array(); try { + SetupUtils::CheckSetupToken(); CoreUpdater::CopyCoreFiles(); $iResponseCode = 200; } catch (Exception $e) @@ -160,6 +165,7 @@ class AjaxController extends Controller $aParams = array(); try { + SetupUtils::CheckSetupToken(); CoreUpdater::CheckCompile(); $iResponseCode = 200; } @@ -178,6 +184,7 @@ class AjaxController extends Controller $aParams = array(); try { + SetupUtils::CheckSetupToken(); CoreUpdater::Compile(); $iResponseCode = 200; } @@ -196,6 +203,7 @@ class AjaxController extends Controller $aParams = array(); try { + SetupUtils::CheckSetupToken(); CoreUpdater::UpdateDatabase(); $iResponseCode = 200; } diff --git a/datamodels/2.x/itop-core-update/src/Controller/UpdateController.php b/datamodels/2.x/itop-core-update/src/Controller/UpdateController.php index 3a9afda00..f276f5264 100644 --- a/datamodels/2.x/itop-core-update/src/Controller/UpdateController.php +++ b/datamodels/2.x/itop-core-update/src/Controller/UpdateController.php @@ -140,6 +140,15 @@ class UpdateController extends Controller $this->DisplayPage($aParams); } + public function OperationRunSetup() + { + SetupUtils::CheckSetupToken(true); + $sConfigFile = APPCONF.'production/'.ITOP_CONFIG_FILE; + @chmod($sConfigFile, 0770); + $sRedirectURL = utils::GetAbsoluteUrlAppRoot().'setup/index.php'; + header("Location: $sRedirectURL"); + } + private function GetPreviousInstallations() { return DBToolsUtils::GetPreviousInstallations(); diff --git a/datamodels/2.x/itop-core-update/view/UpdateCoreFiles.html.twig b/datamodels/2.x/itop-core-update/view/UpdateCoreFiles.html.twig index 22eb60479..d43634aff 100644 --- a/datamodels/2.x/itop-core-update/view/UpdateCoreFiles.html.twig +++ b/datamodels/2.x/itop-core-update/view/UpdateCoreFiles.html.twig @@ -78,6 +78,11 @@ {{ 'iTopUpdate:UI:RestoreBackup'|dict_format(sBackupFile) }} {% endif %} +
+ + +

+
diff --git a/datamodels/2.x/itop-core-update/view/UpdateCoreFiles.ready.js.twig b/datamodels/2.x/itop-core-update/view/UpdateCoreFiles.ready.js.twig index 42b278ce4..468b07641 100644 --- a/datamodels/2.x/itop-core-update/view/UpdateCoreFiles.ready.js.twig +++ b/datamodels/2.x/itop-core-update/view/UpdateCoreFiles.ready.js.twig @@ -91,7 +91,6 @@ function ExecNextStep() { setTimeout(ExecNextStep, 500); }) .fail(function ( jqXHR) { - $("#setup_continue").removeAttr("disabled"); if (jqXHR && jqXHR.responseJSON) { $("#setup_error").html({{ 'iTopUpdate:Error:UpdateFailed'|dict_s|json_encode|raw }}+" "+jqXHR.responseJSON.sError); } @@ -101,6 +100,7 @@ function ExecNextStep() { } $('.progress').css("background-image", "none").css("background-color", "#fcc"); $("#setup_error_outer").show(); + $("#setup_continue").hide(); }) ; } diff --git a/index.php b/index.php index fde7078ff..61a673425 100644 --- a/index.php +++ b/index.php @@ -17,9 +17,18 @@ if (file_exists(dirname(__FILE__).'/'.$sConfigFile)) } else if (is_writable($sConfigFile)) { - echo "

Security Warning: the configuration file '$sConfigFile' should be read-only.

"; - echo "

Please modify the access rights to this file.

"; - echo "

Click here to ignore this warning and continue to run iTop.

"; + require_once (APPROOT.'setup/setuputils.class.inc.php'); + if (SetupUtils::IsInReadOnlyMode()) + { + echo "

Warning: the application is currently in maintenance, please wait.

"; + echo "

Click here to ignore this warning and continue to run iTop in read-only mode.

"; + } + else + { + echo "

Security Warning: the configuration file '$sConfigFile' should be read-only.

"; + echo "

Please modify the access rights to this file.

"; + echo "

Click here to ignore this warning and continue to run iTop.

"; + } } else { diff --git a/setup/index.php b/setup/index.php index b309ce79d..1728bf871 100644 --- a/setup/index.php +++ b/setup/index.php @@ -26,8 +26,6 @@ require_once(APPROOT.'/setup/wizardcontroller.class.inc.php'); require_once(APPROOT.'/setup/wizardsteps.class.inc.php'); clearstatcache(); // Make sure we know what we are doing ! -SetupUtils::ExitMaintenanceMode(false); // Reset maintenance mode in case of problem -SetupUtils::ExitReadOnlyMode(false); // Reset readonly mode in case of problem // Set a long (at least 4 minutes) execution time for the setup to avoid timeouts during this phase ini_set('max_execution_time', max(240, ini_get('max_execution_time'))); // While running the setup it is desirable to see any error that may happen diff --git a/setup/setuputils.class.inc.php b/setup/setuputils.class.inc.php index 4e353a49a..8fb8ffc42 100644 --- a/setup/setuputils.class.inc.php +++ b/setup/setuputils.class.inc.php @@ -2030,15 +2030,22 @@ JS /** * Verify Setup authentication token (from the request parameter 'authent') * + * @param bool $bRemoveToken + * * @throws \SecurityException */ - public final static function CheckSetupToken() + public final static function CheckSetupToken($bRemoveToken = false) { $sAuthent = utils::ReadParam('authent', '', false, 'raw_data'); - if (!file_exists(APPROOT.'data/setup/authent') || $sAuthent !== file_get_contents(APPROOT.'data/setup/authent')) + $sTokenFile = APPROOT.'data/setup/authent'; + if (!file_exists($sTokenFile) || $sAuthent !== file_get_contents($sTokenFile)) { throw new SecurityException('Setup operations are not allowed outside of the setup'); } + if ($bRemoveToken) + { + @unlink($sTokenFile); + } } private final static function Log($sText) diff --git a/setup/wizardcontroller.class.inc.php b/setup/wizardcontroller.class.inc.php index ac991e4ce..2615db0a4 100644 --- a/setup/wizardcontroller.class.inc.php +++ b/setup/wizardcontroller.class.inc.php @@ -173,6 +173,9 @@ class WizardController // The configuration file already exists if (!is_writable($sConfigFile)) { + SetupUtils::ExitMaintenanceMode(false); // Reset maintenance mode in case of problem + SetupUtils::ExitReadOnlyMode(false); // Reset readonly mode in case of problem + $sRelativePath = utils::GetConfigFilePathRelative(); $oP = new SetupPage('Installation Cannot Continue'); $oP->add("

Fatal error

\n"); @@ -643,4 +646,4 @@ class Step3 extends WizardStep } } -End of the example */ \ No newline at end of file +End of the example */