mirror of
https://github.com/Combodo/iTop.git
synced 2026-02-13 07:24:13 +01:00
N°4449 Fix FPD in dashboard export/import
This commit is contained in:
Pierre Goiffon
@@ -1478,6 +1478,29 @@ JS
|
||||
return $this->sDefinitionFile;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $sDashboardFileRelative can also be an absolute path (compatibility with old URL)
|
||||
*
|
||||
* @return string full path to the Dashboard file
|
||||
* @throws \SecurityException if path isn't under approot
|
||||
* @uses utils::RealPath()
|
||||
* @since 2.7.8 3.0.3 3.1.0 N°4449 remove FPD
|
||||
*/
|
||||
public static function GetDashboardFileFromRelativePath($sDashboardFileRelative)
|
||||
{
|
||||
if (utils::RealPath($sDashboardFileRelative, APPROOT)) {
|
||||
// compatibility with old URL containing absolute path !
|
||||
return $sDashboardFileRelative;
|
||||
}
|
||||
|
||||
$sDashboardFile = APPROOT.$sDashboardFileRelative;
|
||||
if (false === utils::RealPath($sDashboardFile, APPROOT)) {
|
||||
throw new SecurityException('Invalid dashboard file !');
|
||||
}
|
||||
|
||||
return $sDashboardFile;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $sDefinitionFile
|
||||
*/
|
||||
|
||||
@@ -1329,19 +1329,19 @@ class utils
|
||||
$oDashboard = $param;
|
||||
$sDashboardId = $oDashboard->GetId();
|
||||
$sDashboardFile = $oDashboard->GetDefinitionFile();
|
||||
$sDashboardFileRelative = utils::LocalPath($sDashboardFile);
|
||||
$sDlgTitle = addslashes(Dict::S('UI:ImportDashboardTitle'));
|
||||
$sDlgText = addslashes(Dict::S('UI:ImportDashboardText'));
|
||||
$sCloseBtn = addslashes(Dict::S('UI:Button:Cancel'));
|
||||
$sDashboardFileJS = addslashes($sDashboardFile);
|
||||
$sDashboardFileURL = urlencode($sDashboardFile);
|
||||
$sDashboardFileJS = addslashes($sDashboardFileRelative);
|
||||
$sDashboardFileURL = urlencode($sDashboardFileRelative);
|
||||
$sUploadDashboardTransactId = utils::GetNewTransactionId();
|
||||
$aResult = array(
|
||||
new SeparatorPopupMenuItem(),
|
||||
new URLPopupMenuItem('UI:ExportDashboard', Dict::S('UI:ExportDashBoard'), utils::GetAbsoluteUrlAppRoot().'pages/ajax.render.php?operation=export_dashboard&id='.$sDashboardId.'&file='.$sDashboardFileURL),
|
||||
new JSPopupMenuItem('UI:ImportDashboard', Dict::S('UI:ImportDashBoard'), "UploadDashboard({dashboard_id: '$sDashboardId', file: '$sDashboardFileJS', title: '$sDlgTitle', text: '$sDlgText', close_btn: '$sCloseBtn', transaction: '$sUploadDashboardTransactId' })"),
|
||||
);
|
||||
if ($oDashboard->GetReloadURL())
|
||||
{
|
||||
if ($oDashboard->GetReloadURL()) {
|
||||
$aResult[] = new SeparatorPopupMenuItem();
|
||||
$aResult[] = new URLPopupMenuItem('UI:Menu:PrintableVersion', Dict::S('UI:Menu:PrintableVersion'), $oDashboard->GetReloadURL().'&printable=1', '_blank');
|
||||
}
|
||||
|
||||
@@ -1128,11 +1128,13 @@ try
|
||||
|
||||
case 'export_dashboard':
|
||||
$sDashboardId = utils::ReadParam('id', '', false, 'raw_data');
|
||||
$sDashboardFile = utils::ReadParam('file', '', false, 'raw_data');
|
||||
$sDashboardFileRelative = utils::ReadParam('file', '', false, 'raw_data');
|
||||
|
||||
$sDashboardFile = RuntimeDashboard::GetDashboardFileFromRelativePath($sDashboardFileRelative);
|
||||
|
||||
$oKPI = new ExecutionKPI();
|
||||
$oDashboard = RuntimeDashboard::GetDashboard($sDashboardFile, $sDashboardId);
|
||||
if (!is_null($oDashboard))
|
||||
{
|
||||
if (!is_null($oDashboard)) {
|
||||
$oPage->TrashUnexpectedOutput();
|
||||
$oPage->SetContentType('text/xml');
|
||||
$oPage->SetContentDisposition('attachment', 'dashboard_'.$oDashboard->GetTitle().'.xml');
|
||||
@@ -1143,18 +1145,18 @@ try
|
||||
|
||||
case 'import_dashboard':
|
||||
$sTransactionId = utils::ReadParam('transaction_id', '', false, 'transaction_id');
|
||||
if (!utils::IsTransactionValid($sTransactionId, true))
|
||||
{
|
||||
if (!utils::IsTransactionValid($sTransactionId, true)) {
|
||||
throw new SecurityException('ajax.render.php import_dashboard : invalid transaction_id');
|
||||
}
|
||||
$sDashboardId = utils::ReadParam('id', '', false, 'raw_data');
|
||||
$sDashboardFile = utils::ReadParam('file', '', false, 'raw_data');
|
||||
$sDashboardFileRelative = utils::ReadParam('file', '', false, 'raw_data');
|
||||
|
||||
$sDashboardFile = RuntimeDashboard::GetDashboardFileFromRelativePath($sDashboardFileRelative);
|
||||
|
||||
$oDashboard = RuntimeDashboard::GetDashboard($sDashboardFile, $sDashboardId);
|
||||
$aResult = array('error' => '');
|
||||
if (!is_null($oDashboard))
|
||||
{
|
||||
try
|
||||
{
|
||||
if (!is_null($oDashboard)) {
|
||||
try {
|
||||
$oDoc = utils::ReadPostedDocument('dashboard_upload_file');
|
||||
$oDashboard->FromXml($oDoc->GetData());
|
||||
$oDashboard->Save();
|
||||
|
||||
Reference in New Issue
Block a user