fix restore info logging

Co-authored-by: Molkobain <lajarige.guillaume@free.fr>
Co-authored-by: Romain Quetiez <romain.quetiez@combodo.com>

.doc/itop-version-history.md

@@ -62,6 +62,12 @@ gitGraph
     commit id: "2022-12-28" tag: "2.7.8"
     checkout support/3.0
     commit id: "2023-04-12" tag: "3.0.3"
+    checkout develop
+    commit id: "2023-06-19" tag: "3.1.0-beta" type: REVERSE
+    commit id: "2023-07-26" tag: "3.1.0-1" type: HIGHLIGHT
+    branch support/3.1 order: 840
+    checkout support/3.1
+    commit id: "2023-08-09" tag: "3.1.0-2"
 ```
 
-To learn more, check the [iTop community versions history on the official wiki](https://www.itophub.io/wiki/page?id=latest:release:start).
+To learn more, check the [iTop community versions history on the official wiki](https://www.itophub.io/wiki/page?id=latest:release:start).

.make/license/updateLicenses.php

@@ -19,17 +19,24 @@
  * The target license file path is in `$xmlFilePath`
  */
 
-$iTopFolder = __DIR__ . "/../../" ;
-$xmlFilePath = $iTopFolder . "setup/licenses/community-licenses.xml";
+$iTopFolder = __DIR__."/../../";
+$xmlFilePath = $iTopFolder."setup/licenses/community-licenses.xml";
 
-function get_scope($product_node)
-{
+$jqExec = shell_exec("jq -V"); // a param is mandatory otherwise the script will freeze
+if ((null === $jqExec) || (false === $jqExec)) {
+	echo "/!\ JQ is required but cannot be launched :( \n";
+	echo "Check this script PHPDoc block for instructions\n";
+	die(-1);
+}
+
+
+function get_scope($product_node) {
 	$scope = $product_node->getAttribute("scope");
 
-	if ($scope === "")
-	{   //put iTop first
+	if ($scope === "") {   //put iTop first
 		return "aaaaaaaaa";
 	}
+
 	return $scope;
 }
 

CONTRIBUTING.md

@@ -161,4 +161,4 @@ We have one sticker per contribution type. You might get multiple stickers with
 
 Here is the design of each stickers for year 2022:
 
-![iTop stickers 2022](.doc/contributing-guide/2022.contributing-stickers-side-by-side.png)
+![iTop stickers 2023](.doc/contributing-guide/2023.contributing-stickers-side-by-side.png)

addons/userrights/userrightsprofile.class.inc.php

@@ -228,6 +228,7 @@ class URP_UserProfile extends UserRightsBaseClassGUI
 			"db_table"            => "priv_urp_userprofile",
 			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
+			"is_link" 			  => true, /** @since 3.1.0 N°6482 N°5324 */
 			'uniqueness_rules'    => array(
 				'no_duplicate' => array(
 					'attributes'  => array(

addons/userrights/userrightsprofile.db.class.inc.php

@@ -23,7 +23,7 @@ define('PORTAL_PROFILE_NAME', 'Portal user');
 class UserRightsBaseClassGUI extends cmdbAbstractObject
 {
 	// Whenever something changes, reload the privileges
-	
+
 	protected function AfterInsert()
 	{
 		UserRights::FlushPrivileges();
@@ -43,7 +43,7 @@ class UserRightsBaseClassGUI extends cmdbAbstractObject
 class UserRightsBaseClass extends DBObject
 {
 	// Whenever something changes, reload the privileges
-	
+
 	protected function AfterInsert()
 	{
 		UserRights::FlushPrivileges();
@@ -100,7 +100,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 		$this->m_bCheckReservedNames = false;
 	}
 
-	
+
 	protected static $m_aActions = array(
 		UR_ACTION_READ => 'Read',
 		UR_ACTION_MODIFY => 'Modify',
@@ -113,7 +113,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 	protected static $m_aCacheActionGrants = null;
 	protected static $m_aCacheStimulusGrants = null;
 	protected static $m_aCacheProfiles = null;
-	
+
 	public static function DoCreateProfile($sName, $sDescription, $bReservedName = false)
 	{
 		if (is_null(self::$m_aCacheProfiles))
@@ -125,7 +125,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 			{
 				self::$m_aCacheProfiles[$oProfile->Get('name')] = $oProfile->GetKey();
 			}
-		}	
+		}
 
 		$sCacheKey = $sName;
 		if (isset(self::$m_aCacheProfiles[$sCacheKey]))
@@ -137,17 +137,17 @@ class URP_Profiles extends UserRightsBaseClassGUI
 		$oNewObj->Set('description', $sDescription);
 		if ($bReservedName)
 		{
-			$oNewObj->DisableCheckOnReservedNames();			
+			$oNewObj->DisableCheckOnReservedNames();
 		}
 		$iId = $oNewObj->DBInsertNoReload();
-		self::$m_aCacheProfiles[$sCacheKey] = $iId;	
+		self::$m_aCacheProfiles[$sCacheKey] = $iId;
 		return $iId;
 	}
-	
+
 	public static function DoCreateActionGrant($iProfile, $iAction, $sClass, $bPermission = true)
 	{
 		$sAction = self::$m_aActions[$iAction];
-	
+
 		if (is_null(self::$m_aCacheActionGrants))
 		{
 			self::$m_aCacheActionGrants = array();
@@ -157,7 +157,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 			{
 				self::$m_aCacheActionGrants[$oGrant->Get('profileid').'-'.$oGrant->Get('action').'-'.$oGrant->Get('class')] = $oGrant->GetKey();
 			}
-		}	
+		}
 
 		$sCacheKey = "$iProfile-$sAction-$sClass";
 		if (isset(self::$m_aCacheActionGrants[$sCacheKey]))
@@ -171,10 +171,10 @@ class URP_Profiles extends UserRightsBaseClassGUI
 		$oNewObj->Set('class', $sClass);
 		$oNewObj->Set('action', $sAction);
 		$iId = $oNewObj->DBInsertNoReload();
-		self::$m_aCacheActionGrants[$sCacheKey] = $iId;	
+		self::$m_aCacheActionGrants[$sCacheKey] = $iId;
 		return $iId;
 	}
-	
+
 	public static function DoCreateStimulusGrant($iProfile, $sStimulusCode, $sClass)
 	{
 		if (is_null(self::$m_aCacheStimulusGrants))
@@ -186,7 +186,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 			{
 				self::$m_aCacheStimulusGrants[$oGrant->Get('profileid').'-'.$oGrant->Get('stimulus').'-'.$oGrant->Get('class')] = $oGrant->GetKey();
 			}
-		}	
+		}
 
 		$sCacheKey = "$iProfile-$sStimulusCode-$sClass";
 		if (isset(self::$m_aCacheStimulusGrants[$sCacheKey]))
@@ -199,13 +199,13 @@ class URP_Profiles extends UserRightsBaseClassGUI
 		$oNewObj->Set('class', $sClass);
 		$oNewObj->Set('stimulus', $sStimulusCode);
 		$iId = $oNewObj->DBInsertNoReload();
-		self::$m_aCacheStimulusGrants[$sCacheKey] = $iId;	
+		self::$m_aCacheStimulusGrants[$sCacheKey] = $iId;
 		return $iId;
 	}
-	
+
 	/*
 	* Create the built-in Administrator profile with its reserved name
-	*/	
+	*/
 	public static function DoCreateAdminProfile()
 	{
 		self::DoCreateProfile(ADMIN_PROFILE_NAME, 'Has the rights on everything (bypassing any control)', true /* reserved name */);
@@ -213,7 +213,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 
 	/*
 	* Overload the standard behavior to preserve reserved names
-	*/	
+	*/
 	public function DoCheckToWrite()
 	{
 		parent::DoCheckToWrite();
@@ -255,7 +255,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 			return '<span style="background-color: #ffdddd;">'.Dict::S('UI:UserManagement:ActionAllowed:No').'</span>';
 		}
 	}
-	
+
 	function DoShowGrantSumary($oPage)
 	{
 		if ($this->GetRawName() == "Administrator")
@@ -267,7 +267,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 
 		// Note: for sure, we assume that the instance is derived from UserRightsProfile
 		$oUserRights = UserRights::GetModuleInstance();
-	
+
 		$aDisplayData = array();
 		foreach (MetaModel::GetClasses('bizmodel') as $sClass)
 		{
@@ -284,7 +284,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 				}
 			}
 			$sStimuli = implode(', ', $aStimuli);
-			
+
 			$aDisplayData[] = array(
 				'class' => MetaModel::GetName($sClass),
 				'read' => $this->GetGrantAsHtml($oUserRights, $sClass, 'Read'),
@@ -296,7 +296,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 				'stimuli' => $sStimuli,
 			);
 		}
-	
+
 		$aDisplayConfig = array();
 		$aDisplayConfig['class'] = array('label' => Dict::S('UI:UserManagement:Class'), 'description' => Dict::S('UI:UserManagement:Class+'));
 		$aDisplayConfig['read'] = array('label' => Dict::S('UI:UserManagement:Action:Read'), 'description' => Dict::S('UI:UserManagement:Action:Read+'));
@@ -334,6 +334,7 @@ class URP_UserProfile extends UserRightsBaseClassGUI
 			"db_table"            => "priv_urp_userprofile",
 			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
+			"is_link" 			  => true, /** @since 3.1.0 N°6482 N°5324 */
 		);
 		MetaModel::Init_Params($aParams);
 		//MetaModel::Init_InheritAttributes();
@@ -610,7 +611,7 @@ class UserRightsProfile extends UserRightsAddOnAPI
 				$oSearch->AllowAllData();
 				$oCondition = new BinaryExpression(new FieldExpression('userid'), '=', new VariableExpression('userid'));
 				$oSearch->AddConditionExpression($oCondition);
-				
+
 				$oUserOrgSet = new DBObjectSet($oSearch, array(), array('userid' => $iUser));
 				while ($oUserOrg = $oUserOrgSet->Fetch())
 				{
@@ -632,7 +633,7 @@ class UserRightsProfile extends UserRightsAddOnAPI
 			$oSearch->AllowAllData();
 			$oCondition = new BinaryExpression(new FieldExpression('userid'), '=', new VariableExpression('userid'));
 			$oSearch->AddConditionExpression($oCondition);
-			
+
 			$this->m_aUserProfiles[$iUser] = array();
 			$oUserProfileSet = new DBObjectSet($oSearch, array(), array('userid' => $iUser));
 			while ($oUserProfile = $oUserProfileSet->Fetch())
@@ -647,7 +648,7 @@ class UserRightsProfile extends UserRightsAddOnAPI
 	public function ResetCache()
 	{
 		// Loaded by Load cache
-		$this->m_aProfiles = null; 
+		$this->m_aProfiles = null;
 		$this->m_aUserProfiles = array();
 		$this->m_aUserOrgs = array();
 
@@ -657,7 +658,7 @@ class UserRightsProfile extends UserRightsAddOnAPI
 		// Loaded on demand (time consuming as compared to the others)
 		$this->m_aClassActionGrants = null;
 		$this->m_aClassStimulusGrants = null;
-		
+
 		$this->m_aObjectActionGrants = array();
 	}
 
@@ -693,10 +694,10 @@ class UserRightsProfile extends UserRightsAddOnAPI
 		}
 
 		$oProfileSet = new DBObjectSet(DBObjectSearch::FromOQL_AllData("SELECT URP_Profiles"));
-		$this->m_aProfiles = array(); 
+		$this->m_aProfiles = array();
 		while ($oProfile = $oProfileSet->Fetch())
 		{
-			$this->m_aProfiles[$oProfile->GetKey()] = $oProfile; 
+			$this->m_aProfiles[$oProfile->GetKey()] = $oProfile;
 		}
 
 		$this->m_aClassStimulusGrants = array();
@@ -870,7 +871,7 @@ exit;
 		$this->m_aObjectActionGrants[$iUser][$sClass][$iActionCode] = $aRes;
 		return $aRes;
 	}
-	
+
 	public function IsActionAllowed($oUser, $sClass, $iActionCode, $oInstanceSet = null)
 	{
 		$this->LoadCache();
@@ -1008,8 +1009,8 @@ exit;
 
 	/**
 	 * Find out which attribute is corresponding the the dimension 'owner org'
-	 * returns null if no such attribute has been found (no filtering should occur)	 
-	 */	 	
+	 * returns null if no such attribute has been found (no filtering should occur)
+	 */
 	public static function GetOwnerOrganizationAttCode($sClass)
 	{
 		$sAttCode = null;

addons/userrights/userrightsprojection.class.inc.php

@@ -22,9 +22,9 @@ define('ADMIN_PROFILE_ID', 1);
 class UserRightsBaseClass extends cmdbAbstractObject
 {
 	// Whenever something changes, reload the privileges
-	
+
 	// Whenever something changes, reload the privileges
-	
+
 	protected function AfterInsert()
 	{
 		UserRights::FlushPrivileges();
@@ -78,7 +78,7 @@ class URP_Profiles extends UserRightsBaseClass
 	function GetGrantAsHtml($oUserRights, $sClass, $sAction)
 	{
 		$oGrant = $oUserRights->GetClassActionGrant($this->GetKey(), $sClass, $sAction);
-		if (is_object($oGrant) && ($oGrant->Get('permission') == 'yes')) 
+		if (is_object($oGrant) && ($oGrant->Get('permission') == 'yes'))
 		{
 			return '<span style="background-color: #ddffdd;">'.Dict::S('UI:UserManagement:ActionAllowed:Yes').'</span>';
 		}
@@ -87,7 +87,7 @@ class URP_Profiles extends UserRightsBaseClass
 			return '<span style="background-color: #ffdddd;">'.Dict::S('UI:UserManagement:ActionAllowed:No').'</span>';
 		}
 	}
-	
+
 	function DoShowGrantSumary($oPage)
 	{
 		if ($this->GetRawName() == "Administrator")
@@ -99,7 +99,7 @@ class URP_Profiles extends UserRightsBaseClass
 
 		// Note: for sure, we assume that the instance is derived from UserRightsProjection
 		$oUserRights = UserRights::GetModuleInstance();
-	
+
 		$aDisplayData = array();
 		foreach (MetaModel::GetClasses('bizmodel') as $sClass)
 		{
@@ -116,7 +116,7 @@ class URP_Profiles extends UserRightsBaseClass
 				}
 			}
 			$sStimuli = implode(', ', $aStimuli);
-			
+
 			$aDisplayData[] = array(
 				'class' => MetaModel::GetName($sClass),
 				'read' => $this->GetGrantAsHtml($oUserRights, $sClass, 'Read'),
@@ -128,7 +128,7 @@ class URP_Profiles extends UserRightsBaseClass
 				'stimuli' => $sStimuli,
 			);
 		}
-	
+
 		$aDisplayConfig = array();
 		$aDisplayConfig['class'] = array('label' => Dict::S('UI:UserManagement:Class'), 'description' => Dict::S('UI:UserManagement:Class+'));
 		$aDisplayConfig['read'] = array('label' => Dict::S('UI:UserManagement:Action:Read'), 'description' => Dict::S('UI:UserManagement:Action:Read+'));
@@ -277,6 +277,7 @@ class URP_UserProfile extends UserRightsBaseClass
 			"db_table"            => "priv_urp_userprofile",
 			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
+			"is_link" 			  => true, /** @since 3.1.0 N°6482 N°5324 */
 		);
 		MetaModel::Init_Params($aParams);
 		//MetaModel::Init_InheritAttributes();
@@ -355,7 +356,7 @@ class URP_ProfileProjection extends UserRightsBaseClass
 			{
 				$aRes = array($oUser->Get($sColumn));
 			}
-			
+
 		}
 		elseif (($sExpr == '<any>') || ($sExpr == ''))
 		{
@@ -426,14 +427,14 @@ class URP_ClassProjection extends UserRightsBaseClass
 			{
 				$aRes = array($oObject->Get($sColumn));
 			}
-			
+
 		}
 		elseif (($sExpr == '<any>') || ($sExpr == ''))
 		{
 			$aRes = null;
 		}
 		elseif (strtolower(substr($sExpr, 0, 6)) == 'select')
-		{ 
+		{
 			$sColumn = $this->Get('attribute');
 			// SELECT...
 			$oValueSetDef = new ValueSetObjects($sExpr, $sColumn, array(), true /*allow all data*/);
@@ -584,14 +585,14 @@ class UserRightsProjection extends UserRightsAddOnAPI
 		$oContact->Set('org_id', $iOrgId);
 		$oContact->Set('email', 'my.email@foo.org');
 		$iContactId = $oContact->DBInsertNoReload();
-		
+
 		$oUser = new UserLocal();
 		$oUser->Set('login', $sAdminUser);
 		$oUser->Set('password', $sAdminPwd);
 		$oUser->Set('contactid', $iContactId);
 		$oUser->Set('language', $sLanguage); // Language was chosen during the installation
 		$iUserId = $oUser->DBInsertNoReload();
-		
+
 		// Add this user to the very specific 'admin' profile
 		$oUserProfile = new URP_UserProfile();
 		$oUserProfile->Set('userid', $iUserId);
@@ -642,24 +643,24 @@ class UserRightsProjection extends UserRightsAddOnAPI
 		// Could be loaded in a shared memory (?)
 
 		$oDimensionSet = new DBObjectSet(DBObjectSearch::FromOQL_AllData("SELECT URP_Dimensions"));
-		$this->m_aDimensions = array(); 
+		$this->m_aDimensions = array();
 		while ($oDimension = $oDimensionSet->Fetch())
 		{
-			$this->m_aDimensions[$oDimension->GetKey()] = $oDimension; 
+			$this->m_aDimensions[$oDimension->GetKey()] = $oDimension;
 		}
-		
+
 		$oClassProjSet = new DBObjectSet(DBObjectSearch::FromOQL_AllData("SELECT URP_ClassProjection"));
-		$this->m_aClassProjs = array(); 
+		$this->m_aClassProjs = array();
 		while ($oClassProj = $oClassProjSet->Fetch())
 		{
-			$this->m_aClassProjs[$oClassProj->Get('class')][$oClassProj->Get('dimensionid')] = $oClassProj; 
+			$this->m_aClassProjs[$oClassProj->Get('class')][$oClassProj->Get('dimensionid')] = $oClassProj;
 		}
 
 		$oProfileSet = new DBObjectSet(DBObjectSearch::FromOQL_AllData("SELECT URP_Profiles"));
-		$this->m_aProfiles = array(); 
+		$this->m_aProfiles = array();
 		while ($oProfile = $oProfileSet->Fetch())
 		{
-			$this->m_aProfiles[$oProfile->GetKey()] = $oProfile; 
+			$this->m_aProfiles[$oProfile->GetKey()] = $oProfile;
 		}
 
 		$oUserProfileSet = new DBObjectSet(DBObjectSearch::FromOQL_AllData("SELECT URP_UserProfile"));
@@ -675,10 +676,10 @@ class UserRightsProjection extends UserRightsAddOnAPI
 		}
 
 		$oProProSet = new DBObjectSet(DBObjectSearch::FromOQL_AllData("SELECT URP_ProfileProjection"));
-		$this->m_aProPros = array(); 
+		$this->m_aProPros = array();
 		while ($oProPro = $oProProSet->Fetch())
 		{
-			$this->m_aProPros[$oProPro->Get('profileid')][$oProPro->Get('dimensionid')] = $oProPro; 
+			$this->m_aProPros[$oProPro->Get('profileid')][$oProPro->Get('dimensionid')] = $oProPro;
 		}
 
 /*
@@ -706,7 +707,7 @@ exit;
 				// Authorize any for this dimension, then no additional criteria is required
 				continue;
 			}
- 
+
 			// 1 - Get class projection info
 			//
 			$oExpression = null;
@@ -730,13 +731,13 @@ exit;
 			}
 			elseif (strtolower(substr($sExpr, 0, 6)) == 'select')
 			{
-				throw new CoreException('Sorry, projections by the mean of OQL are not supported currently, please specify an attribute instead', array('class' => $sClass, 'expression' => $sExpr)); 
+				throw new CoreException('Sorry, projections by the mean of OQL are not supported currently, please specify an attribute instead', array('class' => $sClass, 'expression' => $sExpr));
 			}
 			else
 			{
 				// Constant value(s)
 				// unsupported
-				throw new CoreException('Sorry, constant projections are not supported currently, please specify an attribute instead', array('class' => $sClass, 'expression' => $sExpr)); 
+				throw new CoreException('Sorry, constant projections are not supported currently, please specify an attribute instead', array('class' => $sClass, 'expression' => $sExpr));
 //				$aRes = explode(';', trim($sExpr));
 			}
 
@@ -865,7 +866,7 @@ exit;
 		$this->m_aObjectActionGrants[$oUser->GetKey()][$sClass][$iObjectRef][$iActionCode] = $aRes;
 		return $aRes;
 	}
-	
+
 	public function IsActionAllowed($oUser, $sClass, $iActionCode, $oInstanceSet = null)
 	{
 		if (is_null($oInstanceSet))
@@ -933,7 +934,7 @@ exit;
 			}
 			else
 			{
-				$iInstancePermission = UR_ALLOWED_NO; 
+				$iInstancePermission = UR_ALLOWED_NO;
 			}
 
 			if (isset($iGlobalPermission))
@@ -1139,7 +1140,7 @@ exit;
 	}
 
 	protected $m_aMatchingProfiles = array(); // cache of the matching profiles for a given user/object
-	
+
 	protected function GetMatchingProfiles($oUser, $sClass, /*DBObject*/ $oObject = null)
 	{
 		$iUser = $oUser->GetKey();
@@ -1185,7 +1186,7 @@ exit;
 					@$aProfileRes[$iProfile] += 1;
 				}
 			}
-	
+
 			$aRes = array();
 			$iDimCount = count($this->m_aDimensions);
 			foreach ($aProfileRes as $iProfile => $iMatches)
@@ -1199,7 +1200,7 @@ exit;
 
 		// store into the cache
 		$this->m_aMatchingProfiles[$iUser][$sClass][$iObjectRef] = $aRes;
-		return $aRes; 
+		return $aRes;
 	}
 
 	public function FlushPrivileges()

application/applicationcontext.class.inc.php

@@ -238,7 +238,7 @@ class ApplicationContext
 	{
 		$aContextInputBlocks = [];
 		foreach ($this->aValues as $sName => $sValue) {
-			$aContextInputBlocks[] = InputUIBlockFactory::MakeForHidden("c[$sName]", utils::EscapeHtml($sValue));
+			$aContextInputBlocks[] = InputUIBlockFactory::MakeForHidden("c[$sName]", $sValue);
 		}
 		return $aContextInputBlocks;
 	}

application/applicationextension.inc.php

@@ -2246,3 +2246,70 @@ interface iModuleExtension
 	 */
 	public function __construct();
 }
+
+/**
+ * Interface to provide messages to be displayed in the "Welcome Popup"
+ *
+ * @api
+ * @private
+ * @since 3.1.0
+ */
+interface iWelcomePopup
+{
+	// Importance for ordering messages
+	// Just two levels since less important messages have nothing to do in the welcome popup
+	const IMPORTANCE_CRITICAL = 0;
+	const IMPORTANCE_HIGH = 1;
+	/**
+	 * @return [['importance' => IMPORTANCE_CRITICAL|IMPORTANCE_HIGH, 'id' => '...', 'title' => '', 'html' => '', 'twig' => '']]
+	 */
+	public function GetMessages();
+	/**
+	 * The message specified by the given Id has been acknowledged by the current user
+	 * @param string $sMessageId
+	 */
+	public function AcknowledgeMessage(string $sMessageId): void;
+}
+
+/**
+ * Inherit from this class to provide messages to be displayed in the "Welcome Popup"
+ *
+ * @api
+ * @since 3.1.0
+ */
+abstract class AbstractWelcomePopup implements iWelcomePopup
+{
+	public function GetMessages()
+	{
+		return [];
+	}
+	public function AcknowledgeMessage(string $sMessageId): void
+	{
+		return;
+	}
+}
+
+
+/**
+ * KPI logging extensibility point
+ *
+ * KPI Logger extension
+ */
+interface iKPILoggerExtension
+{
+	/**
+	 * Init the statistics collected
+	 *
+	 * @return void
+	 */
+	public function InitStats();
+
+	/**
+	 * Add a new KPI to the stats
+	 *
+	 * @param \Combodo\iTop\Core\Kpi\KpiLogData $oKpiLogData
+	 *
+	 * @return mixed
+	 */
+	public function LogOperation($oKpiLogData);
+}

application/audit.category.class.inc.php

@@ -34,15 +34,15 @@ class AuditCategory extends cmdbAbstractObject
 	{
 		$aParams = array
 		(
-			"category" => "application, grant_by_profile",
-			"key_type" => "autoincrement",
-			"name_attcode" => "name",
-			"state_attcode" => "",
-			"reconc_keys" => array('name'),
-			"db_table" => "priv_auditcategory",
-			"db_key_field" => "id",
+			"category"            => "application,grant_by_profile",
+			"key_type"            => "autoincrement",
+			"name_attcode"        => "name",
+			"state_attcode"       => "",
+			"reconc_keys"         => array('name'),
+			"db_table"            => "priv_auditcategory",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
-			'style' => new ormStyle(null, null, null, null, null, '../images/icons/icons8-audit-folder.svg'),
+			'style'               => new ormStyle(null, null, null, null, null, '../images/icons/icons8-audit-folder.svg'),
 		);
 		MetaModel::Init_Params($aParams);
 		MetaModel::Init_AddAttribute(new AttributeString("name", array("description"=>"Short name for this category", "allowed_values"=>null, "sql"=>"name", "default_value"=>"", "is_null_allowed"=>false, "depends_on"=>array())));
@@ -74,15 +74,23 @@ class AuditCategory extends cmdbAbstractObject
 	public function GetReportColor($iTotal, $iErrors)
 	{
 		$sResult = 'red';
-		if ( ($iTotal == 0) || ($iErrors / $iTotal) <= ($this->Get('ok_error_tolerance') / 100) )
-		{
+		if ( ($iTotal == 0) || ($iErrors / $iTotal) <= ($this->Get('ok_error_tolerance') / 100) ) {
 			$sResult = 'green';
-		}
-		else if ( ($iErrors / $iTotal) <= ($this->Get('warning_error_tolerance') / 100) )
-		{
+		} else if (($iErrors / $iTotal) <= ($this->Get('warning_error_tolerance') / 100)) {
 			$sResult = 'orange';
 		}
+
 		return $sResult;
 	}
+
+	public static function GetShortcutActions($sFinalClass)
+	{
+		$aShortcutActions = parent::GetShortcutActions($sFinalClass);
+		if (!in_array('UI:Menu:RunAudit', $aShortcutActions)) {
+			$aShortcutActions[] = 'UI:Menu:RunAudit';
+		}
+
+		return $aShortcutActions;
+	}
 }
 ?>

application/audit.domain.class.inc.php

@@ -35,7 +35,7 @@ class AuditDomain extends cmdbAbstractObject
 	{
 		$aParams = array
 		(
-			"category"                   => "application, grant_by_profile",
+			"category"                   => "application,grant_by_profile",
 			"key_type"                   => "autoincrement",
 			"name_attcode"               => "name",
 			"complementary_name_attcode" => array('description'),
@@ -47,19 +47,30 @@ class AuditDomain extends cmdbAbstractObject
 			'style'                      => new ormStyle(null, null, null, null, null, '../images/icons/icons8-audit-album.svg'),
 		);
 		MetaModel::Init_Params($aParams);
-		MetaModel::Init_AddAttribute(new AttributeString("name", array("description"=>"Short name for this category", "allowed_values"=>null, "sql"=>"name", "default_value"=>"", "is_null_allowed"=>false, "depends_on"=>array())));
-		MetaModel::Init_AddAttribute(new AttributeString("description", array("allowed_values"=>null, "sql"=>"description", "default_value"=>"", "is_null_allowed"=>true, "depends_on"=>array())));
-		MetaModel::Init_AddAttribute(new AttributeImage("icon", array("is_null_allowed"=>true, "depends_on"=>array(), "display_max_width"=>96, "display_max_height"=>96, "storage_max_width"=>256, "storage_max_height"=>256, "default_image"=>null, "always_load_in_tables"=>false)));
-		MetaModel::Init_AddAttribute(new AttributeLinkedSetIndirect("categories_list", array("linked_class" => "lnkAuditCategoryToAuditDomain", "ext_key_to_me" => "domain_id", "ext_key_to_remote" => "category_id", "allowed_values" => null, "count_min" => 0, "count_max" => 0, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeString("name", array("description" => "Short name for this category", "allowed_values" => null, "sql" => "name", "default_value" => "", "is_null_allowed" => false, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeString("description", array("allowed_values" => null, "sql" => "description", "default_value" => "", "is_null_allowed" => true, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeImage("icon", array("is_null_allowed" => true, "depends_on" => array(), "display_max_width" => 96, "display_max_height" => 96, "storage_max_width" => 256, "storage_max_height" => 256, "default_image" => null, "always_load_in_tables" => false)));
+		MetaModel::Init_AddAttribute(new AttributeLinkedSetIndirect("categories_list",
+			array("linked_class" => "lnkAuditCategoryToAuditDomain", "ext_key_to_me" => "domain_id", "ext_key_to_remote" => "category_id", "allowed_values" => null, "count_min" => 0, "count_max" => 0, "depends_on" => array())));
 
 		// Display lists
 		MetaModel::Init_SetZListItems('details', array('name', 'description', 'icon', 'categories_list')); // Attributes to be displayed for the complete details
-		MetaModel::Init_SetZListItems('list', array('description', )); // Attributes to be displayed for a list
+		MetaModel::Init_SetZListItems('list', array('description',)); // Attributes to be displayed for a list
 		// Search criteria
 		MetaModel::Init_SetZListItems('standard_search', array('description')); // Criteria of the std search form
 		MetaModel::Init_SetZListItems('default_search', array('name', 'description')); // Criteria of the default search form
 	}
 
+	public static function GetShortcutActions($sFinalClass)
+	{
+		$aShortcutActions = parent::GetShortcutActions($sFinalClass);
+		if (!in_array('UI:Menu:RunAudit', $aShortcutActions)) {
+			$aShortcutActions[] = 'UI:Menu:RunAudit';
+		}
+
+		return $aShortcutActions;
+	}
+
 }
 
 /**
@@ -75,15 +86,26 @@ class lnkAuditCategoryToAuditDomain extends cmdbAbstractObject
 	{
 		$aParams = array
 		(
-			"category" => "application, grant_by_profile",
-			"key_type" => "autoincrement",
-			"name_attcode" => "",
-			"state_attcode" => "",
-			"reconc_keys" => array('category_id', 'domain_id'),
-			"db_table" => "priv_link_audit_category_domain",
-			"db_key_field" => "id",
+			"category"            => "application, grant_by_profile",
+			"key_type"            => "autoincrement",
+			"name_attcode"        => "",
+			"state_attcode"       => "",
+			"reconc_keys"         => array('category_id', 'domain_id'),
+			"db_table"            => "priv_link_audit_category_domain",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
-			"is_link" => true,
+			"is_link"             => true,
+			'uniqueness_rules'    => array(
+				'no_duplicate' => array(
+					'attributes'  => array(
+						0 => 'category_id',
+						1 => 'domain_id',
+					),
+					'filter'      => '',
+					'disabled'    => false,
+					'is_blocking' => true,
+				),
+			),
 		);
 		MetaModel::Init_Params($aParams);
 		MetaModel::Init_AddAttribute(new AttributeExternalKey("category_id", array("targetclass" => "AuditCategory", "jointype" => '', "allowed_values" => null, "sql" => "category_id", "is_null_allowed" => false, "on_target_delete" => DEL_AUTO, "depends_on" => array())));

application/audit.rule.class.inc.php

@@ -35,23 +35,23 @@ class AuditRule extends cmdbAbstractObject
 	{
 		$aParams = array
 		(
-			"category" => "application, grant_by_profile",
-			"key_type" => "autoincrement",
-			"name_attcode" => "name",
-			"state_attcode" => "",
-			"reconc_keys" => array('name'),
-			"db_table" => "priv_auditrule",
-			"db_key_field" => "id",
+			"category"            => "application,grant_by_profile",
+			"key_type"            => "autoincrement",
+			"name_attcode"        => "name",
+			"state_attcode"       => "",
+			"reconc_keys"         => array('name'),
+			"db_table"            => "priv_auditrule",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
-			'style' => new ormStyle(null, null, null, null, null, '../images/icons/icons8-audit.svg'),
+			'style'               => new ormStyle(null, null, null, null, null, '../images/icons/icons8-audit.svg'),
 		);
 		MetaModel::Init_Params($aParams);
-		MetaModel::Init_AddAttribute(new AttributeString("name", array("allowed_values"=>null, "sql"=>"name", "default_value"=>"", "is_null_allowed"=>false, "depends_on"=>array())));
-		MetaModel::Init_AddAttribute(new AttributeString("description", array("allowed_values"=>null, "sql"=>"description", "default_value"=>"", "is_null_allowed"=>true, "depends_on"=>array())));
-		MetaModel::Init_AddAttribute(new AttributeOQL("query", array("allowed_values"=>null, "sql"=>"query", "default_value"=>"", "is_null_allowed"=>false, "depends_on"=>array())));
-		MetaModel::Init_AddAttribute(new AttributeEnum("valid_flag", array("allowed_values"=>new ValueSetEnum('true,false'), "sql"=>"valid_flag", "default_value"=>"true", "is_null_allowed"=>false, "depends_on"=>array())));
-		MetaModel::Init_AddAttribute(new AttributeExternalKey("category_id", array("allowed_values"=>null, "sql"=>"category_id", "targetclass"=>"AuditCategory", "is_null_allowed"=>false, "on_target_delete"=>DEL_MANUAL, "depends_on"=>array())));
-		MetaModel::Init_AddAttribute(new AttributeExternalField("category_name", array("allowed_values"=>null, "extkey_attcode"=> 'category_id', "target_attcode"=>"name")));
+		MetaModel::Init_AddAttribute(new AttributeString("name", array("allowed_values" => null, "sql" => "name", "default_value" => "", "is_null_allowed" => false, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeString("description", array("allowed_values" => null, "sql" => "description", "default_value" => "", "is_null_allowed" => true, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeOQL("query", array("allowed_values" => null, "sql" => "query", "default_value" => "", "is_null_allowed" => false, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeEnum("valid_flag", array("allowed_values" => new ValueSetEnum('true,false'), "sql" => "valid_flag", "default_value" => "true", "is_null_allowed" => false, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeExternalKey("category_id", array("allowed_values" => null, "sql" => "category_id", "targetclass" => "AuditCategory", "is_null_allowed" => false, "on_target_delete" => DEL_MANUAL, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeExternalField("category_name", array("allowed_values" => null, "extkey_attcode" => 'category_id', "target_attcode" => "name")));
 
 		// Display lists
 		MetaModel::Init_SetZListItems('details', array('category_id', 'name', 'description', 'query', 'valid_flag')); // Attributes to be displayed for the complete details
@@ -60,5 +60,16 @@ class AuditRule extends cmdbAbstractObject
 		MetaModel::Init_SetZListItems('standard_search', array('category_id', 'name', 'description', 'valid_flag', 'query')); // Criteria of the std search form
 		MetaModel::Init_SetZListItems('default_search', array('name', 'description', 'category_id')); // Criteria of the advanced search form
 	}
+
+
+	public static function GetShortcutActions($sFinalClass)
+	{
+		$aShortcutActions = parent::GetShortcutActions($sFinalClass);
+		if (!in_array('UI:Menu:RunAudit', $aShortcutActions)) {
+			$aShortcutActions[] = 'UI:Menu:RunAudit';
+		}
+
+		return $aShortcutActions;
+	}
 }
 ?>

application/cmdbabstract.class.inc.php

@@ -47,6 +47,7 @@ use Combodo\iTop\Renderer\Console\ConsoleBlockRenderer;
 use Combodo\iTop\Renderer\Console\ConsoleFormRenderer;
 use Combodo\iTop\Service\Links\LinkSetDataTransformer;
 use Combodo\iTop\Service\Links\LinkSetModel;
+use Combodo\iTop\Service\TemporaryObjects\TemporaryObjectHelper;
 
 
 define('OBJECT_PROPERTIES_TAB', 'ObjectProperties');
@@ -187,9 +188,6 @@ abstract class cmdbAbstractObject extends CMDBObject implements iDisplay
 	/** @var array initial attributes flags cache [attcode]['flags'] */
 	protected $aInitialAttributesFlags;
 
-	protected $iUpdateLoopCount;
-
-	const MAX_UPDATE_LOOP_COUNT = 10;
 
 	/**
 	 * @var array First level classname, second level id, value number of calls done
@@ -227,7 +225,6 @@ abstract class cmdbAbstractObject extends CMDBObject implements iDisplay
 		$this->sDisplayMode = static::DEFAULT_DISPLAY_MODE;
 		$this->bAllowWrite = false;
 		$this->bAllowDelete = false;
-		$this->iUpdateLoopCount = 0;
 	}
 
 	/**
@@ -1169,7 +1166,7 @@ HTML
 	/**
 	 * @param \WebPage $oPage
 	 * @param \CMDBObjectSet $oSet
-	 * @param array $aExtraParams
+	 * @param array $aExtraParams See possible values in {@see DataTableUIBlockFactory::RenderDataTable()}
 	 *
 	 * @throws \ApplicationException
 	 * @throws \CoreException
@@ -2822,33 +2819,33 @@ JS
 			}
 		}
 		// Custom operation for the form ?
-		if (isset($aExtraParams['custom_operation'])) {
-			$sOperation = $aExtraParams['custom_operation'];
-		} else {
-			if ($this->GetDisplayMode() === static::ENUM_DISPLAY_MODE_EDIT) {
-				$sOperation = 'apply_modify';
-			} else {
-				$sOperation = 'apply_new';
-			}
-		}
+        if (isset($aExtraParams['custom_operation'])) {
+            $sOperation = $aExtraParams['custom_operation'];
+        } else {
+            if ($this->GetDisplayMode() === static::ENUM_DISPLAY_MODE_EDIT) {
+                $sOperation = 'apply_modify';
+            } else {
+                $sOperation = 'apply_new';
+            }
+        }
 
-		$oContentBlock = new UIContentBlock();
-		$oPage->AddUiBlock($oContentBlock);
+        $oContentBlock = new UIContentBlock();
+        $oPage->AddUiBlock($oContentBlock);
 
-		$oForm = new Form("form_{$this->m_iFormId}");
-		$oForm->SetAction($sFormAction);
-		$sOnSubmitForm = "let bOnSubmitForm = OnSubmit('form_{$this->m_iFormId}');";
-		if (isset($aExtraParams['js_handlers']['form_on_submit'])) {
-			$oForm->SetOnSubmitJsCode($sOnSubmitForm.$aExtraParams['js_handlers']['form_on_submit']);
-		} else {
-			$oForm->SetOnSubmitJsCode($sOnSubmitForm."return bOnSubmitForm;");
-		}
-		$oContentBlock->AddSubBlock($oForm);
+        $oForm = new Form("form_{$this->m_iFormId}");
+        $oForm->SetAction($sFormAction);
+        $sOnSubmitForm = "let bOnSubmitForm = OnSubmit('form_{$this->m_iFormId}');";
+        if (isset($aExtraParams['js_handlers']['form_on_submit'])) {
+            $oForm->SetOnSubmitJsCode($sOnSubmitForm . $aExtraParams['js_handlers']['form_on_submit']);
+        } else {
+            $oForm->SetOnSubmitJsCode($sOnSubmitForm . "return bOnSubmitForm;");
+        }
+        $oContentBlock->AddSubBlock($oForm);
 
-		if ($this->GetDisplayMode() === static::ENUM_DISPLAY_MODE_EDIT) {
-			// The object already exists in the database, it's a modification
-			$oForm->AddSubBlock(InputUIBlockFactory::MakeForHidden('id', $iKey, "{$sPrefix}_id"));
-		}
+        if ($this->GetDisplayMode() === static::ENUM_DISPLAY_MODE_EDIT) {
+            // The object already exists in the database, it's a modification
+	        $oForm->AddSubBlock(InputUIBlockFactory::MakeForHidden('id', $iKey, "{$sPrefix}_id"));
+        }
 		$oForm->AddSubBlock(InputUIBlockFactory::MakeForHidden('operation', $sOperation));
 		$oForm->AddSubBlock(InputUIBlockFactory::MakeForHidden('class', $sClass));
 
@@ -2857,6 +2854,11 @@ JS
 		$oPage->SetTransactionId($iTransactionId);
 		$oForm->AddSubBlock(InputUIBlockFactory::MakeForHidden('transaction_id', $iTransactionId));
 
+		// Add temporary object watchdog (only on root form)
+		if (!utils::IsXmlHttpRequest()) {
+			$oPage->add_ready_script(TemporaryObjectHelper::GetWatchDogJS($iTransactionId));
+		}
+
 		// TODO 3.0.0: Is this (the if condition, not the code inside) still necessary?
 		if (isset($aExtraParams['wizard_container']) && $aExtraParams['wizard_container']) {
 			$sClassLabel = MetaModel::GetName($sClass);
@@ -2867,34 +2869,34 @@ JS
 			}
 		}
 
-		$oToolbarButtons = ToolbarUIBlockFactory::MakeStandard(null);
+        $oToolbarButtons = ToolbarUIBlockFactory::MakeStandard(null);
 
-		$oCancelButton = ButtonUIBlockFactory::MakeForCancel();
-		$oCancelButton->AddCSSClasses(['action', 'cancel']);
-		$oToolbarButtons->AddSubBlock($oCancelButton);
-		$oApplyButton = ButtonUIBlockFactory::MakeForPrimaryAction($sApplyButton, null, null, true);
-		$oApplyButton->AddCSSClass('action');
-		$oToolbarButtons->AddSubBlock($oApplyButton);
-		$bAreTransitionsHidden = isset($aExtraParams['hide_transitions']) && $aExtraParams['hide_transitions'] === true;
-		$aTransitions = $this->EnumTransitions();
-		if (!isset($aExtraParams['custom_operation']) && !$bAreTransitionsHidden && count($aTransitions)) {
-			// Transitions are displayed only for the standard new/modify actions, not for modify_all or any other case...
-			$oSetToCheckRights = DBObjectSet::FromObject($this);
+        $oCancelButton = ButtonUIBlockFactory::MakeForCancel();
+        $oCancelButton->AddCSSClasses(['action', 'cancel']);
+        $oToolbarButtons->AddSubBlock($oCancelButton);
+        $oApplyButton = ButtonUIBlockFactory::MakeForPrimaryAction($sApplyButton, null, null, true);
+        $oApplyButton->AddCSSClass('action');
+        $oToolbarButtons->AddSubBlock($oApplyButton);
+        $bAreTransitionsHidden = isset($aExtraParams['hide_transitions']) && $aExtraParams['hide_transitions'] === true;
+        $aTransitions = $this->EnumTransitions();
+        if (!isset($aExtraParams['custom_operation']) && !$bAreTransitionsHidden && count($aTransitions)) {
+            // Transitions are displayed only for the standard new/modify actions, not for modify_all or any other case...
+            $oSetToCheckRights = DBObjectSet::FromObject($this);
 
-			$oTransitionPopoverMenu = new PopoverMenu();
-			$sTPMSectionId = 'transitions';
-			$oTransitionPopoverMenu->AddSection($sTPMSectionId);
-			$aStimuli = Metamodel::EnumStimuli($sClass);
-			foreach ($aTransitions as $sStimulusCode => $aTransitionDef) {
-				$iActionAllowed = (get_class($aStimuli[$sStimulusCode]) == 'StimulusUserAction') ? UserRights::IsStimulusAllowed($sClass,
-					$sStimulusCode, $oSetToCheckRights) : UR_ALLOWED_NO;
-				switch ($iActionAllowed) {
-					case UR_ALLOWED_YES:
-						// Button to be displayed on its own on large screens
-						$oButton = ButtonUIBlockFactory::MakeForPrimaryAction($aStimuli[$sStimulusCode]->GetLabel(), 'next_action', $sStimulusCode, true);
-						$oButton->AddCSSClass('action');
-						$oButton->SetColor(Button::ENUM_COLOR_SCHEME_NEUTRAL);
-						$oToolbarButtons->AddSubBlock($oButton);
+            $oTransitionPopoverMenu = new PopoverMenu();
+            $sTPMSectionId = 'transitions';
+            $oTransitionPopoverMenu->AddSection($sTPMSectionId);
+            $aStimuli = Metamodel::EnumStimuli($sClass);
+            foreach ($aTransitions as $sStimulusCode => $aTransitionDef) {
+                $iActionAllowed = (get_class($aStimuli[$sStimulusCode]) == 'StimulusUserAction') ? UserRights::IsStimulusAllowed($sClass,
+                    $sStimulusCode, $oSetToCheckRights) : UR_ALLOWED_NO;
+                switch ($iActionAllowed) {
+                    case UR_ALLOWED_YES:
+                        // Button to be displayed on its own on large screens
+                        $oButton = ButtonUIBlockFactory::MakeForPrimaryAction($aStimuli[$sStimulusCode]->GetLabel(), 'next_action', $sStimulusCode, true);
+                        $oButton->AddCSSClass('action');
+                        $oButton->SetColor(Button::ENUM_COLOR_SCHEME_NEUTRAL);
+                        $oToolbarButtons->AddSubBlock($oButton);
 
 						// Button to be displayed in a grouped button on smaller screens
 						$oTPMPopupMenuItem = new JSPopupMenuItem('next_action--'.$oButton->GetId(), $oButton->GetLabel(), "$(`#{$oButton->GetId()}`).trigger(`click`);");
@@ -3049,16 +3051,21 @@ JS
 
 		$oPage->SetCurrentTab('');
 
+		// Static fields values for wizard helper serialization
+		$aWizardHelperStaticValues = [];
+
 		// Add as hidden inputs values that we want displayed if they're readonly
 		if(isset($aExtraParams['forceFieldsSubmission'])){
 			$aExtraFlags = $aExtraParams['fieldsFlags'] ?? [];
 			foreach ($aExtraParams['forceFieldsSubmission'] as $sAttCode) {
 					if(FormHelper::GetAttributeFlagsForObject($this, $sAttCode, $aExtraFlags) & OPT_ATT_READONLY) {
 						$oForm->AddSubBlock(InputUIBlockFactory::MakeForHidden('attr_'.$sPrefix.$sAttCode, $this->Get($sAttCode)));
+						$aWizardHelperStaticValues[$sAttCode] = $this->Get($sAttCode);
 					}
 			}
 		}
-		
+		$sWizardHelperStaticValues = json_encode($aWizardHelperStaticValues);
+
 		$oForm->AddSubBlock(InputUIBlockFactory::MakeForHidden('class', $sClass));
 		$oForm->AddSubBlock(InputUIBlockFactory::MakeForHidden('transaction_id', $iTransactionId));
 		foreach ($aExtraParams as $sName => $value) {
@@ -3085,7 +3092,10 @@ JS
 
 		$iFieldsCount = count($aFieldsMap);
 		$sJsonFieldsMap = json_encode($aFieldsMap);
-		$sState = $this->GetState();
+		$sLifecycleStateForWizardHelper = '';
+		if (MetaModel::HasLifecycle($sClass)) {
+			$sLifecycleStateForWizardHelper = $this->GetState();
+		}
 		$sSessionStorageKey = $sClass.'_'.$iKey;
 		$sTempId = utils::GetUploadTempId($iTransactionId);
 		$oPage->add_ready_script(InlineImage::EnableCKEditorImageUpload($this, $sTempId));
@@ -3095,9 +3105,10 @@ JS
 		sessionStorage.removeItem('$sSessionStorageKey');
 		
 		// Create the object once at the beginning of the page...
-		var oWizardHelper$sPrefix = new WizardHelper('$sClass', '$sPrefix', '$sState');
+		var oWizardHelper$sPrefix = new WizardHelper('$sClass', '$sPrefix', '$sLifecycleStateForWizardHelper');
 		oWizardHelper$sPrefix.SetFieldsMap($sJsonFieldsMap);
 		oWizardHelper$sPrefix.SetFieldsCount($iFieldsCount);
+		oWizardHelper$sPrefix.SetStaticValues($sWizardHelperStaticValues);
 EOF
 		);
 		$oPage->add_ready_script(
@@ -3389,22 +3400,15 @@ EOF
 		];
 
 		// The list of candidate fields is made of the ordered list of "details" attributes + other attributes
-		$aAttributes = array();
-		foreach ($this->FlattenZList(MetaModel::GetZListItems($sClass, 'details')) as $sAttCode) {
-			$aAttributes[$sAttCode] = true;
-		}
+		// First attributes from the "details" zlist as they were sorted...
+		$aList = $this->FlattenZList(MetaModel::GetZListItems($sClass, 'details'));
+
+		// ... then append forgotten attributes
 		foreach (MetaModel::GetAttributesList($sClass) as $sAttCode) {
-			if (!array_key_exists($sAttCode, $aAttributes)) {
-				$aAttributes[$sAttCode] = true;
+			if (!in_array($sAttCode, $aList)) {
+				$aList[] = $sAttCode;
 			}
 		}
-		// Order the fields based on their dependencies, set the fields for which there is only one possible value
-		// and perform this in the order of dependencies to avoid dead-ends
-		$aDeps = array();
-		foreach ($aAttributes as $sAttCode => $trash) {
-			$aDeps[$sAttCode] = MetaModel::GetPrerequisiteAttributes($sClass, $sAttCode);
-		}
-		$aList = $this->OrderDependentFields($aDeps);
 
 		$bExistFieldToDisplay = false;
 		foreach ($aList as $sAttCode) {
@@ -4517,16 +4521,12 @@ HTML;
 	 */
 	public function DBInsertNoReload()
 	{
+		$this->LogCRUDEnter(__METHOD__);
 		try {
 			$res = parent::DBInsertNoReload();
 
 			$this->SetWarningsAsSessionMessages('create');
 
-			// Invoke extensions after insertion (the object must exist, have an id, etc.)
-			/** @var \iApplicationObjectExtension $oExtensionInstance */
-			foreach (MetaModel::EnumPlugins('iApplicationObjectExtension') as $oExtensionInstance) {
-				$oExtensionInstance->OnDBInsert($this, self::GetCurrentChange());
-			}
 		} finally {
 			if (static::IsCrudStackEmpty()) {
 				// Avoid signaling the current object that links were modified
@@ -4534,9 +4534,25 @@ HTML;
 				static::FireEventDbLinksChangedForAllObjects();
 			}
 		}
+		$this->LogCRUDExit(__METHOD__);
 		return $res;
 	}
 
+	public function PostInsertActions(): void
+	{
+		parent::PostInsertActions();
+
+		// Invoke extensions after insertion (the object must exist, have an id, etc.)
+		/** @var \iApplicationObjectExtension $oExtensionInstance */
+		foreach (MetaModel::EnumPlugins(iApplicationObjectExtension::class) as $oExtensionInstance) {
+			$sExtensionClass = get_class($oExtensionInstance);
+			$this->LogCRUDDebug(__METHOD__, "Calling $sExtensionClass::OnDBInsert()");
+			$oKPI = new ExecutionKPI();
+			$oExtensionInstance->OnDBInsert($this, self::GetCurrentChange());
+			$oKPI->ComputeStatsForExtension($oExtensionInstance, 'OnDBInsert');
+		}
+	}
+
 	/**
 	 * @inheritdoc
 	 * Attaches InlineImages to the current object
@@ -4548,13 +4564,16 @@ HTML;
 
 	protected function DBCloneTracked_Internal($newKey = null)
 	{
-		$oNewObj = parent::DBCloneTracked_Internal($newKey);
+        /** @var cmdbAbstractObject $oNewObj */
+        $oNewObj = MetaModel::GetObject(get_class($this), parent::DBCloneTracked_Internal($newKey));
 
 		// Invoke extensions after insertion (the object must exist, have an id, etc.)
 		/** @var \iApplicationObjectExtension $oExtensionInstance */
 		foreach(MetaModel::EnumPlugins('iApplicationObjectExtension') as $oExtensionInstance)
 		{
+            $oKPI = new ExecutionKPI();
 			$oExtensionInstance->OnDBInsert($oNewObj, self::GetCurrentChange());
+            $oKPI->ComputeStatsForExtension($oExtensionInstance, 'OnDBInsert');
 		}
 
 		return $oNewObj;
@@ -4562,57 +4581,41 @@ HTML;
 
 	public function DBUpdate()
 	{
+		$this->LogCRUDEnter(__METHOD__);
+
 		try {
+			if (count($this->ListChanges()) === 0) {
+				$this->LogCRUDExit(__METHOD__);
+				return $this->GetKey();
+			}
 			$res = parent::DBUpdate();
 
 			$this->SetWarningsAsSessionMessages('update');
-
-			// Protection against reentrance (e.g. cascading the update of ticket logs)
-			// Note: This is based on the fix made on r 3190 in DBObject::DBUpdate()
-			if (!MetaModel::StartReentranceProtection($this)) {
-				$sClass = get_class($this);
-				$sKey = $this->GetKey();
-				IssueLog::Debug("CRUD: DBUpdate $sClass::$sKey Rejected (reentrance)", LogChannels::DM_CRUD);
-
-				return $res;
-			}
-
-			try {
-				// Invoke extensions after the update (could be before)
-				/** @var \iApplicationObjectExtension $oExtensionInstance */
-				foreach (MetaModel::EnumPlugins('iApplicationObjectExtension') as $oExtensionInstance) {
-					$oExtensionInstance->OnDBUpdate($this, self::GetCurrentChange());
-				}
-			}
-			finally {
-				MetaModel::StopReentranceProtection($this);
-			}
-
-			$aChanges = $this->ListChanges();
-			if (count($aChanges) != 0) {
-				$this->iUpdateLoopCount++;
-				if ($this->iUpdateLoopCount > self::MAX_UPDATE_LOOP_COUNT) {
-					$sClass = get_class($this);
-					$sKey = $this->GetKey();
-					$aPlugins = [];
-					foreach (MetaModel::EnumPlugins('iApplicationObjectExtension') as $oExtensionInstance) {
-						$aPlugins[] = get_class($oExtensionInstance);
-					}
-					$sPlugins = implode(', ', $aPlugins);
-					IssueLog::Error("CRUD: DBUpdate $sClass::$sKey Update loop detected plugins: $sPlugins", LogChannels::DM_CRUD);
-				} else {
-					return $this->DBUpdate();
-				}
-			}
 		} finally {
 			if (static::IsCrudStackEmpty()) {
 				static::FireEventDbLinksChangedForAllObjects();
 			}
 		}
+		$this->LogCRUDExit(__METHOD__);
 
 		return $res;
 	}
 
+	public function PostUpdateActions(array $aChanges): void
+	{
+		parent::PostUpdateActions($aChanges);
+
+		// Invoke extensions after the update (could be before)
+		/** @var \iApplicationObjectExtension $oExtensionInstance */
+		foreach (MetaModel::EnumPlugins(iApplicationObjectExtension::class) as $oExtensionInstance) {
+			$sExtensionClass = get_class($oExtensionInstance);
+			$this->LogCRUDDebug(__METHOD__, "Calling $sExtensionClass::OnDBUpdate()");
+			$oKPI = new ExecutionKPI();
+			$oExtensionInstance->OnDBUpdate($this, self::GetCurrentChange());
+			$oKPI->ComputeStatsForExtension($oExtensionInstance, 'OnDBUpdate');
+		}
+	}
+
 	/**
 	 * @param string $sMessageIdPrefix
 	 *
@@ -4632,6 +4635,7 @@ HTML;
 
 	public function DBDelete(&$oDeletionPlan = null)
 	{
+		$this->LogCRUDEnter(__METHOD__);
 		try {
 			parent::DBDelete($oDeletionPlan);
 		}  finally {
@@ -4641,6 +4645,7 @@ HTML;
 				static::FireEventDbLinksChangedForAllObjects();
 			}
 		}
+		$this->LogCRUDExit(__METHOD__);
 
 		return $oDeletionPlan;
 	}
@@ -4651,7 +4656,9 @@ HTML;
 		/** @var \iApplicationObjectExtension $oExtensionInstance */
 		foreach(MetaModel::EnumPlugins('iApplicationObjectExtension') as $oExtensionInstance)
 		{
+            $oKPI = new ExecutionKPI();
 			$oExtensionInstance->OnDBDelete($this, self::GetCurrentChange());
+            $oKPI->ComputeStatsForExtension($oExtensionInstance, 'OnDBDelete');
 		}
 
 		return parent::DBDeleteTracked_Internal($oDeletionPlan);
@@ -4669,9 +4676,15 @@ HTML;
 		/** @var \iApplicationObjectExtension $oExtensionInstance */
 		foreach(MetaModel::EnumPlugins('iApplicationObjectExtension') as $oExtensionInstance)
 		{
-			if ($oExtensionInstance->OnIsModified($this))
-			{
+			$sExtensionClass = get_class($oExtensionInstance);
+			$oKPI = new ExecutionKPI();
+			$bIsModified = $oExtensionInstance->OnIsModified($this);
+			$oKPI->ComputeStatsForExtension($oExtensionInstance, 'OnIsModified');
+			if ($bIsModified) {
+				$this->LogCRUDDebug(__METHOD__, "Calling $sExtensionClass::OnIsModified() -> true");
 				return true;
+			} else {
+				$this->LogCRUDDebug(__METHOD__, "Calling $sExtensionClass::OnIsModified() -> false");
 			}
 		}
 
@@ -4723,7 +4736,9 @@ HTML;
 		/** @var \iApplicationObjectExtension $oExtensionInstance */
 		foreach(MetaModel::EnumPlugins('iApplicationObjectExtension') as $oExtensionInstance)
 		{
+            $oKPI = new ExecutionKPI();
 			$aNewIssues = $oExtensionInstance->OnCheckToWrite($this);
+            $oKPI->ComputeStatsForExtension($oExtensionInstance, 'OnCheckToWrite');
 			if (is_array($aNewIssues) && (count($aNewIssues) > 0)) // Some extensions return null instead of an empty array
 			{
 				$this->m_aCheckIssues = array_merge($this->m_aCheckIssues, $aNewIssues);
@@ -4771,7 +4786,9 @@ HTML;
 		/** @var \iApplicationObjectExtension $oExtensionInstance */
 		foreach(MetaModel::EnumPlugins('iApplicationObjectExtension') as $oExtensionInstance)
 		{
+            $oKPI = new ExecutionKPI();
 			$aNewIssues = $oExtensionInstance->OnCheckToDelete($this);
+            $oKPI->ComputeStatsForExtension($oExtensionInstance, 'OnCheckToDelete');
 			if (is_array($aNewIssues) && count($aNewIssues) > 0)
 			{
 				$this->m_aDeleteIssues = array_merge($this->m_aDeleteIssues, $aNewIssues);
@@ -6025,14 +6042,16 @@ JS
 		// - we have a EVENT_DB_LINKS_CHANGED listener on Ticket that will update impacted items, so it will create new lnkApplicationSolutionToFunctionalCI
 		// We want to avoid launching the listener twice, first here, and secondly after saving the Ticket in the listener
 		// By disabling the event to be fired, we can remove the current object from the attribute !
-		/** @noinspection PhpRedundantOptionalArgumentInspection */
-		$oObject = MetaModel::GetObject($sClass, $sId, true);
-		self::SetEventDBLinksChangedBlocked(true);
-		MetaModel::StartReentranceProtection($oObject);
-		$oObject->FireEvent(EVENT_DB_LINKS_CHANGED);
-		MetaModel::StopReentranceProtection($oObject);
-		if ($oObject->IsModified()) {
-			$oObject->DBUpdate();
+		$oObject = MetaModel::GetObject($sClass, $sId, false);
+		// N°6408 The object can have been deleted
+		if (!is_null($oObject)) {
+			self::SetEventDBLinksChangedBlocked(true);
+			MetaModel::StartReentranceProtection($oObject);
+			$oObject->FireEvent(EVENT_DB_LINKS_CHANGED);
+			MetaModel::StopReentranceProtection($oObject);
+			if (count($oObject->ListChanges()) !== 0) {
+				$oObject->DBUpdate();
+			}
 		}
 		self::RemoveObjectAwaitingEventDbLinksChanged($sClass, $sId);
 		cmdbAbstractObject::SetEventDBLinksChangedBlocked(false);

application/dashboard.class.inc.php

@@ -918,6 +918,11 @@ class RuntimeDashboard extends Dashboard
 	{
 		$bCustomized = false;
 
+		$sDashboardFileSanitized = utils::RealPath(APPROOT.$sDashboardFile, APPROOT);
+		if (false === $sDashboardFileSanitized) {
+			throw new SecurityException('Invalid dashboard file !');
+		}
+
 		// Search for an eventual user defined dashboard
 		$oUDSearch = new DBObjectSearch('UserDashboard');
 		$oUDSearch->AddCondition('user_id', UserRights::GetUserId(), '=');
@@ -929,7 +934,7 @@ class RuntimeDashboard extends Dashboard
 			$sDashboardDefinition = $oUserDashboard->Get('contents');
 			$bCustomized = true;
 		} else {
-			$sDashboardDefinition = @file_get_contents($sDashboardFile);
+			$sDashboardDefinition = @file_get_contents($sDashboardFileSanitized);
 		}
 
 
@@ -937,7 +942,7 @@ class RuntimeDashboard extends Dashboard
 			$oDashboard = new RuntimeDashboard($sDashBoardId);
 			$oDashboard->FromXml($sDashboardDefinition);
 			$oDashboard->SetCustomFlag($bCustomized);
-			$oDashboard->SetDefinitionFile($sDashboardFile);
+			$oDashboard->SetDefinitionFile($sDashboardFileSanitized);
 		} else {
 			$oDashboard = null;
 		}
@@ -1136,7 +1141,7 @@ JS
 		$oToolbar->AddSubBlock($oActionButton);
 
 		$aActions = array();
-		$sFile = addslashes($this->sDefinitionFile);
+		$sFile = addslashes(utils::LocalPath($this->sDefinitionFile));
 		$sJSExtraParams = json_encode($aExtraParams);
 		if ($this->HasCustomDashboard()) {
 			$oEdit = new JSPopupMenuItem('UI:Dashboard:Edit', Dict::S('UI:Dashboard:EditCustom'), "return EditDashboard('{$this->sId}', '$sFile', $sJSExtraParams)");

application/dashlet.class.inc.php

@@ -667,7 +667,7 @@ class DashletUnknown extends Dashlet
 	 */
 	public function GetPropertiesFields(DesignerForm $oForm)
 	{
-		$oField = new DesignerLongTextField('xml', Dict::S('UI:DashletUnknown:Prop-XMLConfiguration'), $this->sOriginalDashletXML);
+		$oField = new DesignerXMLField('xml', Dict::S('UI:DashletUnknown:Prop-XMLConfiguration'), $this->sOriginalDashletXML);
 		$oForm->AddField($oField);
 	}
 
@@ -869,7 +869,7 @@ class DashletPlainText extends Dashlet
 	public function Render($oPage, $bEditMode = false, $aExtraParams = array())
 	{
 		$sText = $this->aProperties['text'];
-		$sText = utils::EscapeHtml($sText);
+		$sText = utils::EscapeHtml(Dict::S($sText));
 		$sText = str_replace(array("\r\n", "\n", "\r"), "<br/>", $sText);
 
 		$sId = 'plaintext_'.($bEditMode ? 'edit_' : '').$this->sId;

application/datamodel.application.xml

@@ -40,6 +40,36 @@
       <presentation/>
       <methods/>
     </class>
+    <class id="WelcomePopupAcknowledge" _delta="define">
+      <parent>DBObject</parent>
+      <properties>
+        <comment>/* Acknowledge welcome popup messages */</comment>
+        <abstract>false</abstract>
+        <category></category>
+        <key_type>autoincrement</key_type>
+        <db_table>priv_welcome_popup_acknowledge</db_table>
+      </properties>
+      <fields>
+        <field id="message_uuid" xsi:type="AttributeString">
+          <sql>message_uuid</sql>
+          <default_value/>
+          <is_null_allowed>false</is_null_allowed>
+        </field>
+        <field id="user_id" xsi:type="AttributeExternalKey">
+          <sql>user_id</sql>
+          <target_class>User</target_class>
+          <is_null_allowed>false</is_null_allowed>
+          <on_target_delete>DEL_SILENT</on_target_delete>
+        </field>
+        <field id="acknowledge_date" xsi:type="AttributeDateTime">
+          <sql>acknowledge_date</sql>
+          <default_value/>
+          <is_null_allowed>false</is_null_allowed>
+        </field>
+      </fields>
+      <presentation/>
+      <methods/>
+    </class>
   </classes>
   <portals>
     <portal id="backoffice" _delta="define">

application/displayblock.class.inc.php

@@ -1083,6 +1083,7 @@ JS
 			$this->m_oSet = new CMDBObjectSet($this->m_oFilter, array(), $aQueryParams);
 			$this->m_oSet->SetShowObsoleteData($this->m_bShowObsoleteData);
 		}
+
 		// Summary details
 		$aCounts = array();
 		$aStateLabels = array();
@@ -1129,6 +1130,18 @@ JS
 		}
 
 		$oBlock = new UIContentBlockWithJSRefreshCallback(null, ["ibo-dashlet-header-dynamic--container"]);
+
+		// N°6394 Make sure to sort elements as defined in the datamodel
+		if (utils::IsNotNullOrEmptyString($sStateAttrCode)) {
+			$oAttDef = MetaModel::GetAttributeDef($sClass, $sStateAttrCode);
+			$aAllowedValues = $oAttDef->GetAllowedValues() ?? [];
+			$AllowedValuesKeys = array_keys($aAllowedValues);
+
+			uksort($aStateLabels, function ($sKey1, $sKey2) use ($AllowedValuesKeys) {
+				return array_search($sKey1, $AllowedValuesKeys) > array_search($sKey2, $AllowedValuesKeys) ? 1 : -1;
+			});
+		}
+
 		foreach ($aStateLabels as $sStateValue => $sStateLabel) {
 			$aCount = $aCounts[$sStateValue];
 			$sHyperlink = $aCount['link'];
@@ -1233,6 +1246,10 @@ JS
 		} else {
 			$oBlock = DashletFactory::MakeForDashletBadge($sClassIconUrl, $sHyperlink, $iCount, $sClassLabel, null, null, $aRefreshParams);
 		}
+		$sClassDescription = MetaModel::GetClassDescription($sClass);
+		if (utils::IsNotNullOrEmptyString($sClassDescription)) {
+			$oBlock->SetClassDescription($sClassDescription);
+		}
 
 		return $oBlock;
 	}
@@ -1858,7 +1875,13 @@ class MenuBlock extends DisplayBlock
 		/** @var array $aToolkitActions Any "legacy" toolkit menu item, which are now displayed in the same menu as the $aRegularActions, after them */
 		$aToolkitActions = [];
 
-		if (!isset($aExtraParams['selection_mode']) || ($aExtraParams['selection_mode'] == "")) {
+		// Display menu actions only if...
+		if (
+			// ... NOT in a selection mode
+			(!isset($aExtraParams['selection_mode']) || ($aExtraParams['selection_mode'] == ""))
+			// ... "menu" parameter is NOT EXPLICITLY disabled
+			&& (!isset($aExtraParams['menu']) || $aExtraParams['menu'] === "1" || $aExtraParams['menu'] === true)
+		) {
 			$oAppContext = new ApplicationContext();
 			$sContext = $oAppContext->GetForLink();
 			if (utils::IsNotNullOrEmptyString($sContext)) {

application/forms.class.inc.php

@@ -1110,13 +1110,41 @@ $('#$sId').on('change keyup validate', function() { ValidateWithPattern('$sId',
 }
 EOF
 			);
-			$sValue = "<textarea $sCSSClasses id=\"$sId\" name=\"$sName\">".utils::EscapeHtml($this->defaultValue)."</textarea>";
+			$sValue = "<textarea $sCSSClasses id=\"$sId\" name=\"$sName\">".$this->PrepareValueForRendering()."</textarea>";
 		}
 		else {
-			$sValue = "<div $sCSSClasses id=\"$sId\">".utils::EscapeHtml($this->defaultValue)."</div>";
+			$sValue = "<div $sCSSClasses id=\"$sId\">".$this->PrepareValueForRendering()."</div>";
 		}
 		return array('label' => $this->sLabel, 'value' => $sValue);
 	}
+
+	/**
+	 * @return string|null The value itself as expected for rendering. May it be encoded, escaped or else.
+	 * @since 3.1.0 N°6405
+	 */
+	protected function PrepareValueForRendering(): ?string
+	{
+		return utils::EscapeHtml($this->defaultValue);
+	}
+}
+
+/**
+ * Class DesignerXMLField
+ *
+ * Field to display XML content
+ *
+ * @author Guillaume Lajarige <guillaume.lajarige@combodo.com>
+ * @since 3.1.0 N°6405
+ */
+class DesignerXMLField extends DesignerLongTextField
+{
+	/**
+	 * @inheritDoc
+	 */
+	protected function PrepareValueForRendering(): ?string
+	{
+		return utils::EscapeHtml($this->defaultValue, true);
+	}
 }
 
 class DesignerIntegerField extends DesignerFormField

application/loginbasic.class.inc.php

@@ -80,6 +80,11 @@ class LoginBasic extends AbstractLoginFSMExtension
 	{
 		if (Session::Get('login_mode') == 'basic')
 		{
+            $iOnExit = LoginWebPage::getIOnExit();
+            if ($iOnExit === LoginWebPage::EXIT_RETURN)
+            {
+                return LoginWebPage::LOGIN_FSM_RETURN; // Error, exit FSM
+            }
 			LoginWebPage::HTTP401Error();
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;

application/logindefault.class.inc.php

@@ -79,7 +79,7 @@ class LoginDefaultAfter extends AbstractLoginFSMExtension implements iLogoutExte
 	{
 		self::ResetLoginSession();
 		$iOnExit = LoginWebPage::getIOnExit();
-		if ($iOnExit == LoginWebPage::EXIT_RETURN)
+		if ($iOnExit === LoginWebPage::EXIT_RETURN)
 		{
 			return LoginWebPage::LOGIN_FSM_RETURN; // Error, exit FSM
 		}
@@ -95,6 +95,12 @@ class LoginDefaultAfter extends AbstractLoginFSMExtension implements iLogoutExte
 	{
 		if (!Session::IsSet('login_mode'))
 		{
+            // N°6358 - if EXIT_RETURN was asked, send an error
+            if (LoginWebPage::getIOnExit() === LoginWebPage::EXIT_RETURN) {
+                $iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
+                return LoginWebPage::LOGIN_FSM_ERROR;
+            }
+
 			// If no plugin validated the user, exit
 			self::ResetLoginSession();
 			exit();

application/loginexternal.class.inc.php

@@ -73,6 +73,11 @@ class LoginExternal extends AbstractLoginFSMExtension
 	{
 		if (Session::Get('login_mode') == 'external')
 		{
+            $iOnExit = LoginWebPage::getIOnExit();
+            if ($iOnExit === LoginWebPage::EXIT_RETURN)
+            {
+                return LoginWebPage::LOGIN_FSM_RETURN; // Error, exit FSM
+            }
 			LoginWebPage::HTTP401Error();
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;

application/loginform.class.inc.php

@@ -44,6 +44,10 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginUIExtension
 					exit;
 				}
 
+                if (LoginWebPage::getIOnExit() === LoginWebPage::EXIT_RETURN) {
+                    return LoginWebPage::LOGIN_FSM_CONTINUE;
+                }
+
 				// No credentials yet, display the form
 				$oPage = LoginWebPage::NewLoginWebPage();
 				$oPage->DisplayLoginForm($this->bForceFormOnError);

application/loginwebpage.class.inc.php

@@ -248,6 +248,7 @@ class LoginWebPage extends NiceWebPage
 				$oEmail = new Email();
 				$oEmail->SetRecipientTO($sTo);
 				$sFrom = MetaModel::GetConfig()->Get('forgot_password_from');
+				$sFrom = utils::IsNullOrEmptyString($sFrom) ? MetaModel::GetConfig()->Get('email_default_sender_address') : $sFrom;
 				$oEmail->SetRecipientFrom($sFrom);
 				$oEmail->SetSubject(Dict::S('UI:ResetPwd-EmailSubject', $oUser->Get('login')));
 				$sResetUrl = utils::GetAbsoluteUrlAppRoot().'pages/UI.php?loginop=reset_pwd&auth_user='.urlencode($oUser->Get('login')).'&token='.urlencode($sToken);

application/menunode.class.inc.php

@@ -9,6 +9,7 @@ use Combodo\iTop\Application\Helper\WebResourcesHelper;
 require_once(APPROOT.'/application/utils.inc.php');
 require_once(APPROOT.'/application/template.class.inc.php');
 require_once(APPROOT."/application/user.dashboard.class.inc.php");
+require_once(APPROOT."/setup/parentmenunodecompiler.class.inc.php");
 
 
 /**
@@ -103,7 +104,7 @@ class ApplicationMenu
 	{
 		self::$sFavoriteSiloQuery = $sOQL;
 	}
-	
+
 	/**
 	 * Get the query used to limit the list of displayed organizations in the drop-down menu
 	 * @return string The OQL query returning a list of Organization objects
@@ -273,12 +274,23 @@ class ApplicationMenu
 				continue;
 			}
 
+			$aSubMenuNodes = static::GetSubMenuNodes($sMenuGroupIdx, $aExtraParams);
+			if (! ParentMenuNodeCompiler::$bUseLegacyMenuCompilation && !($oMenuNode instanceof ShortcutMenuNode)){
+				if (is_array($aSubMenuNodes) && 0 === sizeof($aSubMenuNodes)){
+					IssueLog::Debug('Empty menu node not displayed', LogChannels::CONSOLE, [
+						'menu_node_class' => get_class($oMenuNode),
+						'menu_node_label' => $oMenuNode->GetLabel(),
+					]);
+					continue;
+				}
+			}
+
 			$aMenuGroups[] = [
 				'sId' => $oMenuNode->GetMenuID(),
 				'sIconCssClasses' => $oMenuNode->GetDecorationClasses(),
 				'sInitials' => $oMenuNode->GetInitials(),
 				'sTitle' => $oMenuNode->GetTitle(),
-				'aSubMenuNodes' => static::GetSubMenuNodes($sMenuGroupIdx, $aExtraParams),
+				'aSubMenuNodes' => $aSubMenuNodes,
 			];
 		}
 
@@ -536,7 +548,7 @@ EOF
 
 		return -1;
 	}
-	
+
 	/**
 	 * Retrieves the currently active menu (if any, otherwise the first menu is the default)
 	 * @return string The Id of the currently active menu
@@ -544,7 +556,7 @@ EOF
 	public static function GetActiveNodeId()
 	{
 		$oAppContext = new ApplicationContext();
-		$sMenuId = $oAppContext->GetCurrentValue('menu', null);		
+		$sMenuId = $oAppContext->GetCurrentValue('menu', null);
 		if ($sMenuId  === null)
 		{
 			$sMenuId = self::GetDefaultMenuId();
@@ -654,7 +666,7 @@ abstract class MenuNode
 
 	/**
 	 * Stimulus to check: if the user can 'apply' this stimulus, then she/he can see this menu
-	 */	
+	 */
 	protected $m_aEnableStimuli;
 
 	/**
@@ -814,7 +826,7 @@ abstract class MenuNode
 	{
 		return false;
 	}
-	
+
 	/**
 	 * Add a limiting display condition for the same menu node. The conditions will be combined with a AND
 	 * @param $oMenuNode MenuNode Another definition of the same menu node, with potentially different access restriction
@@ -987,7 +999,7 @@ class TemplateMenuNode extends MenuNode
 	 * @var string
 	 */
 	protected $sTemplateFile;
-	
+
 	/**
 	 * Create a menu item based on a custom template and inserts it into the application's main menu
 	 * @param string $sMenuId Unique identifier of the menu (used to identify the menu for bookmarking, and for getting the labels from the dictionary)
@@ -1058,7 +1070,7 @@ class OQLMenuNode extends MenuNode
 	 * @var bool|null
 	 */
 	protected $bSearchFormOpen;
-	
+
 	/**
 	 * Extra parameters to be passed to the display block to fine tune its appearence
 	 */
@@ -1091,7 +1103,7 @@ class OQLMenuNode extends MenuNode
 		// Enhancement: we could set as the "enable" condition that the user has enough rights to "read" the objects
 		// of the class specified by the OQL...
 	}
-	
+
 	/**
 	 * Set some extra parameters to be passed to the display block to fine tune its appearence
 	 * @param array $aParams paramCode => value. See DisplayBlock::GetDisplay for the meaning of the parameters
@@ -1111,7 +1123,7 @@ class OQLMenuNode extends MenuNode
 	 */
 	public function RenderContent(WebPage $oPage, $aExtraParams = array())
 	{
-		ContextTag::AddContext(ContextTag::TAG_OBJECT_SEARCH);
+		$oTag = new ContextTag(ContextTag::TAG_OBJECT_SEARCH);
 		ApplicationMenu::CheckMenuIdEnabled($this->GetMenuId());
 		OQLMenuNode::RenderOQLSearch
 		(
@@ -1120,7 +1132,7 @@ class OQLMenuNode extends MenuNode
 			'Menu_'.$this->GetMenuId(),
 			$this->bSearch, // Search pane
 			$this->bSearchFormOpen, // Search open
-			$oPage, 
+			$oPage,
 			array_merge($this->m_aParams, $aExtraParams),
 			true
 		);
@@ -1354,10 +1366,10 @@ class NewObjectMenuNode extends MenuNode
 	{
 		// Enable this menu, only if the current user has enough rights to create such an object, or an object of
 		// any child class
-	
+
 		$aSubClasses = MetaModel::EnumChildClasses($this->sClass, ENUM_CHILD_CLASSES_ALL); // Including the specified class itself
 		$bActionIsAllowed = false;
-	
+
 		foreach($aSubClasses as $sCandidateClass)
 		{
 			if (!MetaModel::IsAbstract($sCandidateClass) && (UserRights::IsActionAllowed($sCandidateClass, UR_ACTION_MODIFY) == UR_ALLOWED_YES))
@@ -1366,7 +1378,7 @@ class NewObjectMenuNode extends MenuNode
 				break; // Enough for now
 			}
 		}
-		return $bActionIsAllowed;		
+		return $bActionIsAllowed;
 	}
 
 	/**
@@ -1508,7 +1520,7 @@ class DashboardMenuNode extends MenuNode
 			throw new Exception("Error: failed to load dashboard file: '{$this->sDashboardFile}'");
 		}
 	}
-	
+
 }
 
 /**
@@ -1549,7 +1561,7 @@ class ShortcutContainerMenuNode extends MenuNode
 			$sName = $this->GetMenuId().'_'.$oShortcut->GetKey();
 			new ShortcutMenuNode($sName, $oShortcut, $this->GetIndex(), $fRank++);
 		}
-	
+
 		// Complete the tree
 		//
 		parent::PopulateChildMenus();

application/query.class.inc.php

@@ -74,6 +74,7 @@ abstract class Query extends cmdbAbstractObject
 			"default_value" => 0,
 			"is_null_allowed" => false,
 			"depends_on" => array(),
+			"tracking_level" => ATTRIBUTE_TRACKING_NONE,
 		)));
 
 		MetaModel::Init_AddAttribute(new AttributeDateTime("export_last_date", array(
@@ -82,6 +83,7 @@ abstract class Query extends cmdbAbstractObject
 			"default_value" => null,
 			"is_null_allowed" => true,
 			"depends_on" => array(),
+			"tracking_level" => ATTRIBUTE_TRACKING_NONE,
 		)));
 
 		MetaModel::Init_AddAttribute(new AttributeExternalKey("export_last_user_id",
@@ -93,14 +95,16 @@ abstract class Query extends cmdbAbstractObject
 				"depends_on"=>array(),
 				"display_style"=>'select',
 				"always_load_in_tables"=>false,
-				"on_target_delete"=>DEL_SILENT
+				"on_target_delete"=>DEL_SILENT,
+				"tracking_level" => ATTRIBUTE_TRACKING_NONE,
 			)));
 
 		MetaModel::Init_AddAttribute(new AttributeExternalField("export_last_user_contact",
 			array(
 				"allowed_values"=>null,
 				"extkey_attcode"=> "export_last_user_id",
-				"target_attcode"=>"contactid"
+				"target_attcode"=>"contactid",
+				"tracking_level" => ATTRIBUTE_TRACKING_NONE,
 			)));
 
 		// Display lists
@@ -292,7 +296,7 @@ class QueryOQL extends Query
 			}
 			catch
 			(OQLException $e) {
-				$oAlert = AlertUIBlockFactory::MakeForFailure(Dict::Format('UI:RunQuery:Error'), $e->getHtmlDesc())
+				$oAlert = AlertUIBlockFactory::MakeForFailure(Dict::S('UI:RunQuery:Error'), $e->getHtmlDesc())
 					->SetIsClosable(false)
 					->SetIsCollapsible(false);
 				$oAlert->AddCSSClass('mb-5');

application/startup.inc.php

@@ -99,4 +99,10 @@ else
 	Session::Set('itop_env', ITOP_DEFAULT_ENV);
 }
 $sConfigFile = APPCONF.$sEnv.'/'.ITOP_CONFIG_FILE;
-MetaModel::Startup($sConfigFile, false /* $bModelOnly */, $bAllowCache, false /* $bTraceSourceFiles */, $sEnv);
+try {
+    MetaModel::Startup($sConfigFile, false /* $bModelOnly */, $bAllowCache, false /* $bTraceSourceFiles */, $sEnv);
+}
+catch (MySQLException $e) {
+    IssueLog::Debug($e->getMessage());
+    throw new MySQLException('Could not connect to the DB server', []);
+}

application/templates/welcome_popup.html

@@ -1,29 +0,0 @@
-<div style="width:100%;background: #fff url(../images/welcome.jpg) top left no-repeat;">
-<style>
-.welcome_popup_cell {
-vertical-align:top;
-width:50%;
-border:0px solid #000;
--moz-border-radius:10px;
-padding:5px;
-text-align:left;
-}
-tr td.welcome_popup_cell,  tr td.welcome_popup_cell ul {
-font-size:10pt;
-}
-</style>
-<p></p>
-<p></p>
-<p style="text-align:left; font-size:32px;padding-left:400px;padding-top:40px;margin-bottom:30px;margin-top:0;color:#FFFFFF;"><itopstring>UI:WelcomeMenu:Title</itopstring></p>
-<p></p>
-<table border="0" style="padding:10px;border-spacing: 10px;width:100%">
-<tr>
-<td class="welcome_popup_cell">
-<itopstring>UI:WelcomeMenu:LeftBlock</itopstring>
-</td>
-<td class="welcome_popup_cell">
-<itopstring>UI:WelcomeMenu:RightBlock</itopstring>
-</td>
-</tr>
-</table>
-</div>

application/ui.extkeywidget.class.inc.php

@@ -163,13 +163,11 @@ class UIExtKeyWidget
 		$oPage->add_linked_script('../js/extkeywidget.js');
 		$oPage->add_linked_script('../js/forms-json-utils.js');
 
-		$bCreate = (!$this->bSearchMode) && (UserRights::IsActionAllowed($this->sTargetClass, UR_ACTION_BULK_MODIFY) && $bAllowTargetCreation);
+		$bCreate = (!$this->bSearchMode) && (UserRights::IsActionAllowed($this->sTargetClass, UR_ACTION_MODIFY) && $bAllowTargetCreation);
 		$bExtensions = true;
 		$sMessage = Dict::S('UI:Message:EmptyList:UseSearchForm');
 		$sAttrFieldPrefix = ($this->bSearchMode) ? '' : 'attr_';
 
-		
-		
 		$sFilter = addslashes($oAllowedValues->GetFilter()->ToOQL());
 		if ($this->bSearchMode) {
 			$sWizHelper = 'null';
@@ -1070,18 +1068,27 @@ JS
 		{
 			$oObj = MetaModel::NewObject($this->sTargetClass);
 			$aErrors = $oObj->UpdateObjectFromPostedForm($this->iId);
-			if (count($aErrors) == 0)
-			{
-				$oObj->DBInsert();
+			if (count($aErrors) == 0) {
+
+				// Retrieve JSON data
+				$sJSON = utils::ReadParam('json', '{}', false, utils::ENUM_SANITIZATION_FILTER_RAW_DATA);
+				$oJSON = json_decode($sJSON);
+
+				$oObj->SetContextSection('temporary_objects', [
+					'create' => [
+						'transaction_id' => utils::ReadParam('root_transaction_id', '', false, utils::ENUM_SANITIZATION_FILTER_TRANSACTION_ID),
+						'host_class'     => $oJSON->m_sClass,
+						'host_att_code'  => $this->sAttCode,
+					],
+				]);
+				$oObj->DBInsertNoReload();
+
 				return array('name' => $oObj->GetName(), 'id' => $oObj->GetKey());
-			}
-			else
-			{
+			} else {
 				return array('error' => implode(' ', $aErrors), 'id' => 0);
 			}
 		}
-		catch(Exception $e)
-		{
+		catch (Exception $e) {
 			return array('error' => $e->getMessage(), 'id' => 0);
 		}
 	}

application/ui.linkswidget.class.inc.php

@@ -178,17 +178,18 @@ class UILinksWidget
 
 		$oDisplayBlock = new DisplayBlock($oFilter, 'search', false);
 		$oBlock->AddSubBlock($oDisplayBlock->GetDisplay($oPage, "SearchFormToAdd_{$sLinkedSetId}",
-			array(
-				'menu' => false,
+			[
+				'menu'                       => false,
 				'result_list_outer_selector' => "SearchResultsToAdd_{$sLinkedSetId}",
-				'table_id' => "add_{$sLinkedSetId}",
-				'table_inner_id' => "ResultsToAdd_{$sLinkedSetId}",
-				'selection_mode' => true,
-				'json' => $sJson,
-				'cssCount' => '#count_'.$this->m_sAttCode.$this->m_sNameSuffix,
-				'query_params' => $oFilter->GetInternalParams(),
-				'hidden_criteria' => $sAlreadyLinkedExpression,
-			)));
+				'table_id'                   => "add_{$sLinkedSetId}",
+				'table_inner_id'             => "ResultsToAdd_{$sLinkedSetId}",
+				'selection_mode'             => true,
+				'json'                       => $sJson,
+				'cssCount'                   => '#count_'.$this->m_sAttCode.$this->m_sNameSuffix,
+				'query_params'               => $oFilter->GetInternalParams(),
+				'hidden_criteria'            => $sAlreadyLinkedExpression,
+				'submit_on_load'             => false,
+			]));
 
 		$oBlock->AddForm();
 	}

application/utils.inc.php

@@ -20,6 +20,7 @@
 use Combodo\iTop\Application\Helper\Session;
 use Combodo\iTop\Application\UI\Base\iUIBlock;
 use Combodo\iTop\Application\UI\Base\Layout\UIContentBlock;
+use Combodo\iTop\Service\Module\ModuleService;
 use ScssPhp\ScssPhp\Compiler;
 use ScssPhp\ScssPhp\OutputStyle;
 use ScssPhp\ScssPhp\ValueConverter;
@@ -1396,13 +1397,23 @@ class utils
 		return APPROOT . 'env-' . MetaModel::GetEnvironment() . '/';
 	}
 
+	/**
+	 * @return string A path to the folder into which data can be written
+	 * @internal
+	 * @since N°6097 2.7.10 3.0.4 3.1.1
+	 */
+	public static function GetDataPath(): string
+	{
+		return APPROOT.'data/';
+	}
+
 	/**
 	 * @return string A path to a folder into which any module can store cache data
 	 * The corresponding folder is created or cleaned upon code compilation
 	 */
 	public static function GetCachePath()
 	{
-		return APPROOT.'data/cache-'.MetaModel::GetEnvironment().'/';
+		return static::GetDataPath().'cache-'.MetaModel::GetEnvironment().'/';
 	}
 
 	/**
@@ -1970,6 +1981,7 @@ SQL;
 
 	/**
 	 * @param string $sValue
+	 * @param bool $bDoubleEncode Whether to double encode the value or not
 	 *
 	 * @return string passed value with only characters having a special meaning in HTML escaped as entities
 	 *    Since 3.0.0 we were using for this {@link HtmlEntities} but it was overkill and leads to double escaping !
@@ -1977,14 +1989,15 @@ SQL;
 	 * @uses \htmlspecialchars()
 	 * @link https://www.php.net/manual/fr/function.htmlspecialchars.php
 	 * @since 3.0.0 N°3623
+	 * @since 3.1.0 N°6405 Add $bDoubleEncode parameter
 	 */
-	public static function EscapeHtml($sValue)
+	public static function EscapeHtml($sValue, bool $bDoubleEncode = false)
 	{
 		return htmlspecialchars(
 			$sValue ?? '',
 			ENT_QUOTES | ENT_DISALLOWED | ENT_HTML5,
 			WebPage::PAGES_CHARSET,
-			false
+			$bDoubleEncode
 		);
 	}
 
@@ -2045,6 +2058,9 @@ SQL;
 	 */
 	public static function TextToHtml($sText)
 	{
+		if (static::IsNullOrEmptyString($sText)){
+			return '';
+		}
 		$sText = str_replace("\r\n", "\n", $sText);
 		$sText = str_replace("\r", "\n", $sText);
 
@@ -2260,24 +2276,7 @@ SQL;
 	 */
 	public static function GetCurrentModuleName($iCallDepth = 0)
 	{
-		$sCurrentModuleName = '';
-		$aCallStack = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS);
-		$sCallerFile = realpath($aCallStack[$iCallDepth]['file']);
-		
-		foreach(GetModulesInfo() as $sModuleName => $aInfo)
-		{
-			if ($aInfo['root_dir'] !== '')
-			{
-				$sRootDir = realpath(APPROOT.$aInfo['root_dir']);
-				
-				if(substr($sCallerFile, 0, strlen($sRootDir)) === $sRootDir)
-				{
-					$sCurrentModuleName = $sModuleName;
-					break;
-				}
-			}
-		}
-		return $sCurrentModuleName;
+        return ModuleService::GetInstance()->GetCurrentModuleName($iCallDepth + 1);
 	}
 	
 	/**
@@ -2299,24 +2298,7 @@ SQL;
 	 */
 	public static function GetCurrentModuleDir($iCallDepth)
 	{
-		$sCurrentModuleDir = '';
-		$aCallStack = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS);
-		$sCallerFile = realpath($aCallStack[$iCallDepth]['file']);
-	
-		foreach(GetModulesInfo() as $sModuleName => $aInfo)
-		{
-			if ($aInfo['root_dir'] !== '')
-			{
-				$sRootDir = realpath(APPROOT.$aInfo['root_dir']);
-	
-				if(substr($sCallerFile, 0, strlen($sRootDir)) === $sRootDir)
-				{
-					$sCurrentModuleDir = basename($sRootDir);
-					break;
-				}
-			}
-		}
-		return $sCurrentModuleDir;
+		return ModuleService::GetInstance()->GetCurrentModuleDir($iCallDepth);
 	}
 
 	/**
@@ -2331,12 +2313,7 @@ SQL;
 	 */
 	public static function GetCurrentModuleUrl()
 	{
-		$sDir = static::GetCurrentModuleDir(1);
-		if ( $sDir !== '')
-		{
-			return static::GetAbsoluteUrlModulesRoot().'/'.$sDir;
-		}
-		return '';
+		return ModuleService::GetInstance()->GetCurrentModuleUrl(1);
 	}
 	
 	/**
@@ -2346,8 +2323,7 @@ SQL;
 	 */
 	public static function GetCurrentModuleSetting($sProperty, $defaultvalue = null)
 	{
-		$sModuleName = static::GetCurrentModuleName(1);
-		return MetaModel::GetModuleSetting($sModuleName, $sProperty, $defaultvalue);
+        return ModuleService::GetInstance()->GetCurrentModuleSetting($sProperty, $defaultvalue);
 	}
 	
 	/**
@@ -2356,12 +2332,7 @@ SQL;
 	 */
 	public static function GetCompiledModuleVersion($sModuleName)
 	{
-		$aModulesInfo = GetModulesInfo();
-		if (array_key_exists($sModuleName, $aModulesInfo))
-		{
-			return $aModulesInfo[$sModuleName]['version'];
-		}
-		return null;
+        return ModuleService::GetInstance()->GetCompiledModuleVersion($sModuleName);
 	}
 	
 	/**
@@ -2686,24 +2657,26 @@ SQL;
 	}
 
 	/**
-	 * Returns the local path relative to the iTop installation of an existing file
+	 * Returns the local path relative to the iTop installation (APPROOT or the given base path)
 	 * Dir separator is changed to '/' for consistency among the different OS
 	 *
 	 * @param string $sAbsolutePath absolute path
+	 * @param string $sBasePath Base path for the resulting local path (default APPROOT)
 	 *
-	 * @return false|string
+	 * @return false|string The generated local path or false if absolute path is not under the base path
+	 * @since 3.1.1 Added base path defaulted to previous version APPROOT
 	 */
-	final public static function LocalPath($sAbsolutePath)
+	final public static function LocalPath($sAbsolutePath, string $sBasePath = APPROOT)
 	{
-		$sRootPath = realpath(APPROOT);
+		$sRootPath = realpath($sBasePath);
 		$sFullPath = realpath($sAbsolutePath);
 		if (($sFullPath === false) || !self::StartsWith($sFullPath, $sRootPath))
 		{
 			return false;
 		}
 		$sLocalPath = substr($sFullPath, strlen($sRootPath.DIRECTORY_SEPARATOR));
-		$sLocalPath = str_replace(DIRECTORY_SEPARATOR, '/', $sLocalPath);
-		return $sLocalPath;
+
+		return str_replace(DIRECTORY_SEPARATOR, '/', $sLocalPath);
 	}
 
 	/**
@@ -2895,7 +2868,7 @@ HTML;
 
 			// Add already loaded classes
 			$aCurrentClasses = array_fill_keys(get_declared_classes(), '');
-			$aClassMap = array_merge($aClassMap, $aCurrentClasses);
+			$aClassMap = array_merge($aCurrentClasses, $aClassMap);
 
 			foreach ($aClassMap as $sPHPClass => $sPHPFile) {
 				$bSkipped = false;
@@ -2904,7 +2877,8 @@ HTML;
 				if ($sClassNameFilter !== '' && strpos($sPHPClass, $sClassNameFilter) === false) {
 					$bSkipped = true;
 				}
-				else {
+				// For some PHP classes we don't have their file path as they are already in memory, so we never filter on their paths
+				elseif (utils::IsNotNullOrEmptyString($sPHPFile)) {
 					$sPHPFile = self::LocalPath($sPHPFile);
 					if ($sPHPFile !== false) {
 						$sPHPFile = '/'.$sPHPFile; // for regex
@@ -2919,11 +2893,12 @@ HTML;
 						$bSkipped = true; // file not found
 					}
 				}
-				
+
 				if(!$bSkipped){
 					try {
 						$oRefClass = new ReflectionClass($sPHPClass);
-						if ($oRefClass->implementsInterface($sInterface) && $oRefClass->isInstantiable()) {
+						if ($oRefClass->implementsInterface($sInterface) &&
+							!$oRefClass->isInterface() && !$oRefClass->isAbstract() && !$oRefClass->isTrait()) {
 							$aMatchingClasses[] = $sPHPClass;
 						}
 					} catch (Exception $e) {
@@ -3368,5 +3343,22 @@ HTML;
 	{
 		return in_array($sTrait, self::TraitsUsedByClass($sClass, true));
 	}
-	
+
+	/**
+	 * Get stack trace as string array.
+	 *
+	 * @return array
+	 * @since 3.1.0
+	 */
+	public static function GetStackTraceAsArray(): array
+	{
+		$e = new Exception();
+		$aTrace = explode("\n", $e->getTraceAsString());
+		// Remove call to this method
+		array_shift($aTrace);
+		// Remove Main
+		array_pop($aTrace);
+
+		return $aTrace;
+	}
 }

bootstrap.inc.php

@@ -45,6 +45,7 @@ define('MAINTENANCE_MODE_FILE', APPROOT.'data/.maintenance');
 define('READONLY_MODE_FILE', APPROOT.'data/.readonly');
 
 $fItopStarted = microtime(true);
+$iItopInitialMemory = memory_get_usage(true);
 
 if (!isset($GLOBALS['bBypassAutoload']) || $GLOBALS['bBypassAutoload'] == false) {
 	require_once APPROOT.'/lib/autoload.php';

composer.json

@@ -12,10 +12,10 @@
     "ext-json": "*",
     "ext-mysqli": "*",
     "ext-soap": "*",
-    "apereo/phpcas" : "~1.6.0",
+    "apereo/phpcas": "~1.6.0",
     "combodo/tcpdf": "~6.4.4",
     "firebase/php-jwt": "~6.4.0",
-    "guzzlehttp/guzzle": "^7.4.5",
+    "guzzlehttp/guzzle": "^7.5.1",
     "laminas/laminas-mail": "^2.11",
     "laminas/laminas-servicemanager": "^3.5",
     "league/oauth2-google": "^3.0",

composer.lock

@@ -4,7 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
     ],
-    "content-hash": "69db9dbdea61a588fa2058724d91a579",
+    "content-hash": "cb3883f141f50e1bfbc957880ab93be1",
     "packages": [
         {
             "name": "apereo/phpcas",
@@ -217,22 +217,22 @@
         },
         {
             "name": "guzzlehttp/guzzle",
-            "version": "7.4.5",
+            "version": "7.7.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/guzzle/guzzle.git",
-                "reference": "1dd98b0564cb3f6bd16ce683cb755f94c10fbd82"
+                "reference": "fb7566caccf22d74d1ab270de3551f72a58399f5"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/guzzle/guzzle/zipball/1dd98b0564cb3f6bd16ce683cb755f94c10fbd82",
-                "reference": "1dd98b0564cb3f6bd16ce683cb755f94c10fbd82",
+                "url": "https://api.github.com/repos/guzzle/guzzle/zipball/fb7566caccf22d74d1ab270de3551f72a58399f5",
+                "reference": "fb7566caccf22d74d1ab270de3551f72a58399f5",
                 "shasum": ""
             },
             "require": {
                 "ext-json": "*",
-                "guzzlehttp/promises": "^1.5",
-                "guzzlehttp/psr7": "^1.9 || ^2.4",
+                "guzzlehttp/promises": "^1.5.3 || ^2.0",
+                "guzzlehttp/psr7": "^1.9.1 || ^2.4.5",
                 "php": "^7.2.5 || ^8.0",
                 "psr/http-client": "^1.0",
                 "symfony/deprecation-contracts": "^2.2 || ^3.0"
@@ -241,10 +241,11 @@
                 "psr/http-client-implementation": "1.0"
             },
             "require-dev": {
-                "bamarni/composer-bin-plugin": "^1.4.1",
+                "bamarni/composer-bin-plugin": "^1.8.1",
                 "ext-curl": "*",
-                "php-http/client-integration-tests": "^3.0",
-                "phpunit/phpunit": "^8.5.5 || ^9.3.5",
+                "php-http/client-integration-tests": "dev-master#2c025848417c1135031fdf9c728ee53d0a7ceaee as 3.0.999",
+                "php-http/message-factory": "^1.1",
+                "phpunit/phpunit": "^8.5.29 || ^9.5.23",
                 "psr/log": "^1.1 || ^2.0 || ^3.0"
             },
             "suggest": {
@@ -254,8 +255,9 @@
             },
             "type": "library",
             "extra": {
-                "branch-alias": {
-                    "dev-master": "7.4-dev"
+                "bamarni-bin": {
+                    "bin-links": true,
+                    "forward-command": false
                 }
             },
             "autoload": {
@@ -321,7 +323,7 @@
             ],
             "support": {
                 "issues": "https://github.com/guzzle/guzzle/issues",
-                "source": "https://github.com/guzzle/guzzle/tree/7.4.5"
+                "source": "https://github.com/guzzle/guzzle/tree/7.7.0"
             },
             "funding": [
                 {
@@ -337,38 +339,37 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2022-06-20T22:16:13+00:00"
+            "time": "2023-05-21T14:04:53+00:00"
         },
         {
             "name": "guzzlehttp/promises",
-            "version": "1.5.1",
+            "version": "2.0.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/guzzle/promises.git",
-                "reference": "fe752aedc9fd8fcca3fe7ad05d419d32998a06da"
+                "reference": "3a494dc7dc1d7d12e511890177ae2d0e6c107da6"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/guzzle/promises/zipball/fe752aedc9fd8fcca3fe7ad05d419d32998a06da",
-                "reference": "fe752aedc9fd8fcca3fe7ad05d419d32998a06da",
+                "url": "https://api.github.com/repos/guzzle/promises/zipball/3a494dc7dc1d7d12e511890177ae2d0e6c107da6",
+                "reference": "3a494dc7dc1d7d12e511890177ae2d0e6c107da6",
                 "shasum": ""
             },
             "require": {
-                "php": ">=5.5"
+                "php": "^7.2.5 || ^8.0"
             },
             "require-dev": {
-                "symfony/phpunit-bridge": "^4.4 || ^5.1"
+                "bamarni/composer-bin-plugin": "^1.8.1",
+                "phpunit/phpunit": "^8.5.29 || ^9.5.23"
             },
             "type": "library",
             "extra": {
-                "branch-alias": {
-                    "dev-master": "1.5-dev"
+                "bamarni-bin": {
+                    "bin-links": true,
+                    "forward-command": false
                 }
             },
             "autoload": {
-                "files": [
-                    "src/functions_include.php"
-                ],
                 "psr-4": {
                     "GuzzleHttp\\Promise\\": "src/"
                 }
@@ -405,7 +406,7 @@
             ],
             "support": {
                 "issues": "https://github.com/guzzle/promises/issues",
-                "source": "https://github.com/guzzle/promises/tree/1.5.1"
+                "source": "https://github.com/guzzle/promises/tree/2.0.0"
             },
             "funding": [
                 {
@@ -421,26 +422,26 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2021-10-22T20:56:57+00:00"
+            "time": "2023-05-21T13:50:22+00:00"
         },
         {
             "name": "guzzlehttp/psr7",
-            "version": "2.4.0",
+            "version": "2.5.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/guzzle/psr7.git",
-                "reference": "13388f00956b1503577598873fffb5ae994b5737"
+                "reference": "b635f279edd83fc275f822a1188157ffea568ff6"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/guzzle/psr7/zipball/13388f00956b1503577598873fffb5ae994b5737",
-                "reference": "13388f00956b1503577598873fffb5ae994b5737",
+                "url": "https://api.github.com/repos/guzzle/psr7/zipball/b635f279edd83fc275f822a1188157ffea568ff6",
+                "reference": "b635f279edd83fc275f822a1188157ffea568ff6",
                 "shasum": ""
             },
             "require": {
                 "php": "^7.2.5 || ^8.0",
                 "psr/http-factory": "^1.0",
-                "psr/http-message": "^1.0",
+                "psr/http-message": "^1.1 || ^2.0",
                 "ralouphie/getallheaders": "^3.0"
             },
             "provide": {
@@ -448,17 +449,18 @@
                 "psr/http-message-implementation": "1.0"
             },
             "require-dev": {
-                "bamarni/composer-bin-plugin": "^1.4.1",
+                "bamarni/composer-bin-plugin": "^1.8.1",
                 "http-interop/http-factory-tests": "^0.9",
-                "phpunit/phpunit": "^8.5.8 || ^9.3.10"
+                "phpunit/phpunit": "^8.5.29 || ^9.5.23"
             },
             "suggest": {
                 "laminas/laminas-httphandlerrunner": "Emit PSR-7 responses"
             },
             "type": "library",
             "extra": {
-                "branch-alias": {
-                    "dev-master": "2.4-dev"
+                "bamarni-bin": {
+                    "bin-links": true,
+                    "forward-command": false
                 }
             },
             "autoload": {
@@ -520,7 +522,7 @@
             ],
             "support": {
                 "issues": "https://github.com/guzzle/psr7/issues",
-                "source": "https://github.com/guzzle/psr7/tree/2.4.0"
+                "source": "https://github.com/guzzle/psr7/tree/2.5.0"
             },
             "funding": [
                 {
@@ -536,7 +538,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2022-06-20T21:43:11+00:00"
+            "time": "2023-04-17T16:11:26+00:00"
         },
         {
             "name": "laminas/laminas-loader",
@@ -1668,21 +1670,21 @@
         },
         {
             "name": "psr/http-client",
-            "version": "1.0.1",
+            "version": "1.0.2",
             "source": {
                 "type": "git",
                 "url": "https://github.com/php-fig/http-client.git",
-                "reference": "2dfb5f6c5eff0e91e20e913f8c5452ed95b86621"
+                "reference": "0955afe48220520692d2d09f7ab7e0f93ffd6a31"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/php-fig/http-client/zipball/2dfb5f6c5eff0e91e20e913f8c5452ed95b86621",
-                "reference": "2dfb5f6c5eff0e91e20e913f8c5452ed95b86621",
+                "url": "https://api.github.com/repos/php-fig/http-client/zipball/0955afe48220520692d2d09f7ab7e0f93ffd6a31",
+                "reference": "0955afe48220520692d2d09f7ab7e0f93ffd6a31",
                 "shasum": ""
             },
             "require": {
                 "php": "^7.0 || ^8.0",
-                "psr/http-message": "^1.0"
+                "psr/http-message": "^1.0 || ^2.0"
             },
             "type": "library",
             "extra": {
@@ -1702,7 +1704,7 @@
             "authors": [
                 {
                     "name": "PHP-FIG",
-                    "homepage": "http://www.php-fig.org/"
+                    "homepage": "https://www.php-fig.org/"
                 }
             ],
             "description": "Common interface for HTTP clients",
@@ -1714,27 +1716,27 @@
                 "psr-18"
             ],
             "support": {
-                "source": "https://github.com/php-fig/http-client/tree/master"
+                "source": "https://github.com/php-fig/http-client/tree/1.0.2"
             },
-            "time": "2020-06-29T06:28:15+00:00"
+            "time": "2023-04-10T20:12:12+00:00"
         },
         {
             "name": "psr/http-factory",
-            "version": "1.0.1",
+            "version": "1.0.2",
             "source": {
                 "type": "git",
                 "url": "https://github.com/php-fig/http-factory.git",
-                "reference": "12ac7fcd07e5b077433f5f2bee95b3a771bf61be"
+                "reference": "e616d01114759c4c489f93b099585439f795fe35"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/php-fig/http-factory/zipball/12ac7fcd07e5b077433f5f2bee95b3a771bf61be",
-                "reference": "12ac7fcd07e5b077433f5f2bee95b3a771bf61be",
+                "url": "https://api.github.com/repos/php-fig/http-factory/zipball/e616d01114759c4c489f93b099585439f795fe35",
+                "reference": "e616d01114759c4c489f93b099585439f795fe35",
                 "shasum": ""
             },
             "require": {
                 "php": ">=7.0.0",
-                "psr/http-message": "^1.0"
+                "psr/http-message": "^1.0 || ^2.0"
             },
             "type": "library",
             "extra": {
@@ -1754,7 +1756,7 @@
             "authors": [
                 {
                     "name": "PHP-FIG",
-                    "homepage": "http://www.php-fig.org/"
+                    "homepage": "https://www.php-fig.org/"
                 }
             ],
             "description": "Common interfaces for PSR-7 HTTP message factories",
@@ -1769,31 +1771,31 @@
                 "response"
             ],
             "support": {
-                "source": "https://github.com/php-fig/http-factory/tree/master"
+                "source": "https://github.com/php-fig/http-factory/tree/1.0.2"
             },
-            "time": "2019-04-30T12:38:16+00:00"
+            "time": "2023-04-10T20:10:41+00:00"
         },
         {
             "name": "psr/http-message",
-            "version": "1.0.1",
+            "version": "2.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/php-fig/http-message.git",
-                "reference": "f6561bf28d520154e4b0ec72be95418abe6d9363"
+                "reference": "402d35bcb92c70c026d1a6a9883f06b2ead23d71"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/php-fig/http-message/zipball/f6561bf28d520154e4b0ec72be95418abe6d9363",
-                "reference": "f6561bf28d520154e4b0ec72be95418abe6d9363",
+                "url": "https://api.github.com/repos/php-fig/http-message/zipball/402d35bcb92c70c026d1a6a9883f06b2ead23d71",
+                "reference": "402d35bcb92c70c026d1a6a9883f06b2ead23d71",
                 "shasum": ""
             },
             "require": {
-                "php": ">=5.3.0"
+                "php": "^7.2 || ^8.0"
             },
             "type": "library",
             "extra": {
                 "branch-alias": {
-                    "dev-master": "1.0.x-dev"
+                    "dev-master": "2.0.x-dev"
                 }
             },
             "autoload": {
@@ -1808,7 +1810,7 @@
             "authors": [
                 {
                     "name": "PHP-FIG",
-                    "homepage": "http://www.php-fig.org/"
+                    "homepage": "https://www.php-fig.org/"
                 }
             ],
             "description": "Common interface for HTTP messages",
@@ -1822,9 +1824,9 @@
                 "response"
             ],
             "support": {
-                "source": "https://github.com/php-fig/http-message/tree/master"
+                "source": "https://github.com/php-fig/http-message/tree/2.0"
             },
-            "time": "2016-08-06T14:39:51+00:00"
+            "time": "2023-04-04T09:54:51+00:00"
         },
         {
             "name": "psr/log",
@@ -5274,5 +5276,5 @@
     "platform-overrides": {
         "php": "7.4.0"
     },
-    "plugin-api-version": "2.1.0"
+    "plugin-api-version": "2.3.0"
 }

core/DbConnectionWrapper.php

@@ -59,9 +59,16 @@ class DbConnectionWrapper
 	 * Use this to register a mock that will handle {@see mysqli::query()}
 	 *
 	 * @param \mysqli|null $oMysqli
+	 * @since 3.0.4 3.1.1 3.2.0 Param $oMysqli becomes nullable
 	 */
-	public static function SetDbConnectionMockForQuery(?mysqli $oMysqli): void
+	public static function SetDbConnectionMockForQuery(?mysqli $oMysqli = null): void
 	{
-		static::$oDbCnxMockableForQuery = $oMysqli;
+		if (is_null($oMysqli)) {
+			// Reset to standard connection
+			static::$oDbCnxMockableForQuery = static::$oDbCnxStandard;
+		}
+		else {
+			static::$oDbCnxMockableForQuery = $oMysqli;
+		}
 	}
 }

core/MyHelpers.class.inc.php

@@ -419,6 +419,7 @@ class MyHelpers
 		//}
 		return $sOutput;
 	}
+
 }
 
 /**
@@ -523,5 +524,3 @@ class Str
 		return (strtolower($sString) == $sString);
 	}
 }
-
-?>

core/TemporaryObjectDescriptor.php

@@ -0,0 +1,101 @@
+<?php
+/*
+ * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+/**
+ * Class TemporaryObjectDescriptor
+ *
+ * Descriptor to track a temporary object.
+ *
+ * @experimental do not use, this feature will be part of a future version
+ *
+ * @since 3.1
+ */
+class TemporaryObjectDescriptor extends DBObject
+{
+	public static function Init()
+	{
+		$aParams = array(
+			'category'            => 'core',
+			'key_type'            => 'autoincrement',
+			'name_attcode'        => array('item_class', 'temp_id'),
+			'image_attcode'       => '',
+			'state_attcode'       => '',
+			'reconc_keys'         => array(''),
+			'db_table'            => 'priv_temporary_object_descriptor',
+			'db_key_field'        => 'id',
+			'db_finalclass_field' => '',
+			'style'               => new ormStyle(null, null, null, null, null, null),
+			'indexes'             => array(
+				1 =>
+					array(
+						0 => 'temp_id',
+					),
+				2 =>
+					array(
+						0 => 'item_class',
+						1 => 'item_id',
+					),
+			),
+		);
+		MetaModel::Init_Params($aParams);
+		MetaModel::Init_InheritAttributes();
+		MetaModel::Init_AddAttribute(new AttributeDateTime('expiration_date', array('sql' => 'expiration_date', 'is_null_allowed' => false, 'default_value' => '', 'allowed_values' => null, 'depends_on' => array(), 'always_load_in_tables' => false)));
+		MetaModel::Init_AddAttribute(new AttributeString('temp_id', array('sql' => 'temp_id', 'is_null_allowed' => true, 'default_value' => '', 'allowed_values' => null, 'depends_on' => array(), 'always_load_in_tables' => false)));
+		MetaModel::Init_AddAttribute(new AttributeString('item_class', array('sql' => 'item_class', 'is_null_allowed' => false, 'default_value' => '', 'allowed_values' => null, 'depends_on' => array(), 'always_load_in_tables' => false)));
+		MetaModel::Init_AddAttribute(new AttributeObjectKey('item_id', array('class_attcode' => 'item_class', 'sql' => 'item_id', 'is_null_allowed' => true, 'allowed_values' => null, 'depends_on' => array(), 'always_load_in_tables' => false)));
+		MetaModel::Init_AddAttribute(new AttributeDateTime('creation_date', array('sql' => 'creation_date', 'is_null_allowed' => true, 'default_value' => '', 'allowed_values' => null, 'depends_on' => array(), 'always_load_in_tables' => false)));
+		MetaModel::Init_AddAttribute(new AttributeString('host_class', array('sql' => 'host_class', 'is_null_allowed' => true, 'default_value' => '', 'allowed_values' => null, 'depends_on' => array(), 'always_load_in_tables' => false)));
+		MetaModel::Init_AddAttribute(new AttributeObjectKey('host_id', array('class_attcode' => 'host_class', 'sql' => 'host_id', 'is_null_allowed' => true, 'allowed_values' => null, 'depends_on' => array(), 'always_load_in_tables' => false)));
+		MetaModel::Init_AddAttribute(new AttributeString('host_att_code', array('sql' => 'host_att_code', 'is_null_allowed' => true, 'default_value' => '', 'allowed_values' => null, 'depends_on' => array(), 'always_load_in_tables' => false)));
+		MetaModel::Init_AddAttribute(new AttributeEnum("operation", array("allowed_values" => new ValueSetEnum('create,delete'), "sql" => "operation", "default_value" => "create", "is_null_allowed" => true, "depends_on" => array())));
+
+		MetaModel::Init_SetZListItems('details', array(
+			0 => 'temp_id',
+			1 => 'item_class',
+			2 => 'item_id',
+			3 => 'creation_date',
+			4 => 'expiration_date',
+			5 => 'meta',
+		));
+		MetaModel::Init_SetZListItems('standard_search', array(
+			0 => 'temp_id',
+			1 => 'item_class',
+			2 => 'item_id',
+		));
+		MetaModel::Init_SetZListItems('list', array(
+			0 => 'temp_id',
+			1 => 'item_class',
+			2 => 'item_id',
+			3 => 'creation_date',
+			4 => 'expiration_date',
+		));;
+	}
+
+
+	public function DBInsertNoReload()
+	{
+		$this->SetCurrentDateIfNull('creation_date');
+
+		return parent::DBInsertNoReload();
+	}
+
+
+	/**
+	 * Set/Update all of the '_item' fields
+	 *
+	 * @param object $oItem Container item
+	 *
+	 * @return void
+	 */
+	public function SetItem($oItem, $bUpdateOnChange = false)
+	{
+		$sClass = get_class($oItem);
+		$iItemId = $oItem->GetKey();
+
+		$this->Set('item_class', $sClass);
+		$this->Set('item_id', $iItemId);
+	}
+}

core/action.class.inc.php

@@ -16,6 +16,7 @@
 //   You should have received a copy of the GNU Affero General Public License
 //   along with iTop. If not, see <http://www.gnu.org/licenses/>
 
+use Combodo\iTop\Application\TwigBase\Twig\TwigHelper;
 
 /**
  * Persistent classes (internal): user defined actions
@@ -225,7 +226,22 @@ class ActionEmail extends ActionNotification
 	 * @since 3.0.1
 	 */
 	const ENUM_HEADER_NAME_REFERENCES = 'References';
-
+	/**
+	 * @var string
+	 * @since 3.1.0
+	 */
+	const TEMPLATE_BODY_CONTENT = '$content$';
+	/**
+	 * Wraps the 'body' of the message for previewing inside an IFRAME -- i.e. without any of the iTop stylesheets being applied
+	 * @var string
+	 * @since 3.1.0
+	 */
+	const CONTENT_HIGHLIGHT = '<div style="border:2px dashed #6800ff;position:relative;padding:2px;margin-top:14px;"><div style="background-color:#6800ff;color:#fff;font-family:Courier New, sans-serif;font-size:14px;line-height:16px;padding:3px;display:block;position:absolute;top:-22px;right:0;">$content$</div>%s</div>';
+	/**
+	 * Wraps a placeholder of the email's body for previewing inside an IFRAME -- i.e. without any of the iTop stylesheets being applied
+	 * @var string
+	 */
+	const FIELD_HIGHLIGHT = '<span style="background-color:#6800ff;color:#fff;font-size:smaller;font-family:Courier New, sans-serif;padding:2px;">\\$$1\\$</span>';
 	/**
 	 * @inheritDoc
 	 */
@@ -257,6 +273,10 @@ class ActionEmail extends ActionNotification
 		MetaModel::Init_AddAttribute(new AttributeTemplateString("subject", array("allowed_values" => null, "sql" => "subject", "default_value" => null, "is_null_allowed" => false, "depends_on" => array())));
 		MetaModel::Init_AddAttribute(new AttributeTemplateHTML("body", array("allowed_values" => null, "sql" => "body", "default_value" => null, "is_null_allowed" => false, "depends_on" => array())));
 		MetaModel::Init_AddAttribute(new AttributeEnum("importance", array("allowed_values" => new ValueSetEnum('low,normal,high'), "sql" => "importance", "default_value" => 'normal', "is_null_allowed" => false, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeApplicationLanguage("language", array("sql"=>"language", "default_value"=>null, "is_null_allowed"=>true, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeBlob("html_template", array("is_null_allowed"=>true, "depends_on"=>array(), "always_load_in_tables"=>false)));
+		MetaModel::Init_AddAttribute(new AttributeEnum("ignore_notify", array("allowed_values" => new ValueSetEnum('yes,no'), "sql" => "ignore_notify", "default_value" => 'yes', "is_null_allowed" => false, "depends_on" => array())));
+		
 
 		// Display lists
 		// - Attributes to be displayed for the complete details
@@ -266,8 +286,10 @@ class ActionEmail extends ActionNotification
 					0 => 'name',
 					1 => 'description',
 					2 => 'status',
-					3 => 'subject',
-					4 => 'body',
+					3 => 'language',
+					4 => 'html_template',
+					5 => 'subject',
+					6 => 'body',
 					// 5 => 'importance', not handled when sending the mail, better hide it then
 				),
 				'fieldset:ActionEmail:trigger' => array(
@@ -281,20 +303,21 @@ class ActionEmail extends ActionNotification
 					2 => 'reply_to',
 					3 => 'reply_to_label',
 					4 => 'test_recipient',
-					5 => 'to',
-					6 => 'cc',
-					7 => 'bcc',
+					5 => 'ignore_notify',
+					6 => 'to',
+					7 => 'cc',
+					8 => 'bcc',
 				),
 			),
 		));
 
 		// - Attributes to be displayed for a list
-		MetaModel::Init_SetZListItems('list', array('status', 'to', 'subject'));
+		MetaModel::Init_SetZListItems('list', array('status', 'to', 'subject', 'language'));
 		// Search criteria
 		// - Standard criteria of the search
-		MetaModel::Init_SetZListItems('standard_search', array('name', 'description', 'status', 'subject'));
+		MetaModel::Init_SetZListItems('standard_search', array('name', 'description', 'status', 'subject', 'language'));
 		// - Default criteria for the search
-		MetaModel::Init_SetZListItems('default_search', array('name', 'description', 'status', 'subject'));
+		MetaModel::Init_SetZListItems('default_search', array('name', 'description', 'status', 'subject', 'language'));
 	}
 
 	// count the recipients found
@@ -324,6 +347,15 @@ class ActionEmail extends ActionNotification
 		try
 		{
 			$oSearch = DBObjectSearch::FromOQL($sOQL);
+			if ($this->Get('ignore_notify') === 'no') {
+				// In theory it is possible to notify *any* kind of object, 
+				// as long as there is an email attribute in the class
+				// So let's not assume that the selected class is a Person
+				$sFirstSelectedClass = $oSearch->GetClass();
+				if (MetaModel::IsValidAttCode($sFirstSelectedClass, 'notify')) {
+					$oSearch->AddCondition('notify', 'yes');
+				}
+			}
 			$oSearch->AllowAllData();
 		}
 		catch (OQLException $e)
@@ -448,114 +480,27 @@ class ActionEmail extends ActionNotification
 	 */
 	protected function _DoExecute($oTrigger, $aContextArgs, &$oLog)
 	{
-		$sPreviousUrlMaker = ApplicationContext::SetUrlMakerClass();
-		try
-		{
-			$this->m_iRecipients = 0;
-			$this->m_aMailErrors = array();
-
-			// Determine recipients
-			//
-			$sTo = $this->FindRecipients('to', $aContextArgs);
-			$sCC = $this->FindRecipients('cc', $aContextArgs);
-			$sBCC = $this->FindRecipients('bcc', $aContextArgs);
-
-			$sFrom = MetaModel::ApplyParams($this->Get('from'), $aContextArgs);
-			$sFromLabel = MetaModel::ApplyParams($this->Get('from_label'), $aContextArgs);
-			$sReplyTo = MetaModel::ApplyParams($this->Get('reply_to'), $aContextArgs);
-			$sReplyToLabel = MetaModel::ApplyParams($this->Get('reply_to_label'), $aContextArgs);
-
-			$sSubject = MetaModel::ApplyParams($this->Get('subject'), $aContextArgs);
-			$sBody = MetaModel::ApplyParams($this->Get('body'), $aContextArgs);
-
-			$oObj = $aContextArgs['this->object()'];
-			$sMessageId = $this->GenerateIdentifierForHeaders($oObj, static::ENUM_HEADER_NAME_MESSAGE_ID);
-			$sReference = $this->GenerateIdentifierForHeaders($oObj, static::ENUM_HEADER_NAME_REFERENCES);
-		}
-		catch (Exception $e) {
-			/** @noinspection PhpUnhandledExceptionInspection */
-			throw $e;
-		}
-		finally {
-			ApplicationContext::SetUrlMakerClass($sPreviousUrlMaker);
-		}
-
-		if (!is_null($oLog)) {
-			// Note: we have to secure this because those values are calculated
-			// inside the try statement, and we would like to keep track of as
-			// many data as we could while some variables may still be undefined
-			if (isset($sTo)) {
-				$oLog->Set('to', $sTo);
-			}
-			if (isset($sCC)) {
-				$oLog->Set('cc', $sCC);
-			}
-			if (isset($sBCC)) {
-				$oLog->Set('bcc', $sBCC);
-			}
-			if (isset($sFrom)) {
-				$oLog->Set('from', $sFrom);
-			}
-			if (isset($sSubject)) {
-				$oLog->Set('subject', $sSubject);
-			}
-			if (isset($sBody)) {
-				$oLog->Set('body', $sBody);
-			}
-		}
 		$sStyles = file_get_contents(APPROOT.'css/email.css');
 		$sStyles .= MetaModel::GetConfig()->Get('email_css');
-
+		
 		$oEmail = new EMail();
-
-		if ($this->IsBeingTested()) {
-			$oEmail->SetSubject('TEST['.$sSubject.']');
-			$sTestBody = $sBody;
-			$sTestBody .= "<div style=\"border: dashed;\">\n";
-			$sTestBody .= "<h1>Testing email notification ".$this->GetHyperlink()."</h1>\n";
-			$sTestBody .= "<p>The email should be sent with the following properties\n";
-			$sTestBody .= "<ul>\n";
-			$sTestBody .= "<li>TO: $sTo</li>\n";
-			$sTestBody .= "<li>CC: $sCC</li>\n";
-			$sTestBody .= "<li>BCC: $sBCC</li>\n";
-			$sTestBody .= empty($sFromLabel) ? "<li>From: $sFrom</li>\n" : "<li>From: $sFromLabel &lt;$sFrom&gt;</li>\n";
-			$sTestBody .= empty($sReplyToLabel) ? "<li>Reply-To: $sReplyTo</li>\n" : "<li>Reply-To: $sReplyToLabel &lt;$sReplyTo&gt;</li>\n";
-			$sTestBody .= "<li>References: $sReference</li>\n";
-			$sTestBody .= "</ul>\n";
-			$sTestBody .= "</p>\n";
-			$sTestBody .= "</div>\n";
-			$oEmail->SetBody($sTestBody, 'text/html', $sStyles);
-			$oEmail->SetRecipientTO($this->Get('test_recipient'));
-			$oEmail->SetRecipientFrom($sFrom, $sFromLabel);
-			$oEmail->SetReferences($sReference);
-			$oEmail->SetMessageId($sMessageId);
-			// Note: N°4849 We pass the "References" identifier instead of the "Message-ID" on purpose as we want notifications emails to group around the triggering iTop object, not just the users' replies to the notification
-			$oEmail->SetInReplyTo($sReference);
-		} else {
-			$oEmail->SetSubject($sSubject);
-			$oEmail->SetBody($sBody, 'text/html', $sStyles);
-			$oEmail->SetRecipientTO($sTo);
-			$oEmail->SetRecipientCC($sCC);
-			$oEmail->SetRecipientBCC($sBCC);
-			$oEmail->SetRecipientFrom($sFrom, $sFromLabel);
-			$oEmail->SetRecipientReplyTo($sReplyTo, $sReplyToLabel);
-			$oEmail->SetReferences($sReference);
-			$oEmail->SetMessageId($sMessageId);
-			// Note: N°4849 We pass the "References" identifier instead of the "Message-ID" on purpose as we want notifications emails to group around the triggering iTop object, not just the users' replies to the notification
-			$oEmail->SetInReplyTo($sReference);
+		
+		$aEmailContent = $this->PrepareMessageContent($aContextArgs, $oLog);
+		$oEmail->SetSubject($aEmailContent['subject']);
+		$oEmail->SetBody($aEmailContent['body'], 'text/html', $sStyles);
+		$oEmail->SetRecipientTO($aEmailContent['to']);
+		$oEmail->SetRecipientCC($aEmailContent['cc']);
+		$oEmail->SetRecipientBCC($aEmailContent['bcc']);
+		$oEmail->SetRecipientFrom($aEmailContent['from'], $aEmailContent['from_label']);
+		$oEmail->SetRecipientReplyTo($aEmailContent['reply_to'], $aEmailContent['reply_to_label']);
+		$oEmail->SetReferences($aEmailContent['references']);
+		$oEmail->SetMessageId($aEmailContent['message_id']);
+		$oEmail->SetInReplyTo($aEmailContent['in_reply_to']);
+		
+		foreach($aEmailContent['attachments'] as $aAttachment) {
+			$oEmail->AddAttachment($aAttachment['data'], $aAttachment['filename'], $aAttachment['mime_type']);
 		}
-
-		if (isset($aContextArgs['attachments']))
-		{
-			$aAttachmentReport = array();
-			foreach($aContextArgs['attachments'] as $oDocument)
-			{
-				$oEmail->AddAttachment($oDocument->GetData(), $oDocument->GetFileName(), $oDocument->GetMimeType());
-				$aAttachmentReport[] = array($oDocument->GetFileName(), $oDocument->GetMimeType(), strlen($oDocument->GetData()));
-			}
-			$oLog->Set('attachments', $aAttachmentReport);
-		}
-
+		
 		if (empty($this->m_aMailErrors))
 		{
 			if ($this->m_iRecipients == 0)
@@ -564,6 +509,7 @@ class ActionEmail extends ActionNotification
 			}
 			else
 			{
+				$aErrors = [];
 				$iRes = $oEmail->Send($aErrors, false, $oLog); // allow asynchronous mode
 				switch ($iRes)
 				{
@@ -588,13 +534,150 @@ class ActionEmail extends ActionNotification
 		}
 	}
 
+	/**
+	 * @param array $aContextArgs
+	 * @param \EventNotification $oLog
+	 *
+	 * @return array
+	 * @throws \CoreException
+	 * @throws \Exception
+	 * @since 3.1.0 N°918
+	 */
+	protected function PrepareMessageContent($aContextArgs, &$oLog): array
+	{
+		$aMessageContent = [
+			'to' => '',
+			'cc' => '',
+			'bcc' => '',
+			'from' => '',
+			'from_label' => '',
+			'reply_to' => '',
+			'reply_to_label' => '',
+			'subject' => '',
+			'body' => '',
+			'references' => '',
+			'message_id' => '',
+			'in_reply_to' => '',
+			'attachments' => [],
+		];
+		$sPreviousUrlMaker = ApplicationContext::SetUrlMakerClass();
+		$sPreviousLanguage = Dict::GetUserLanguage();
+		$aPreviousPluginProperties = ApplicationContext::GetPluginProperties('QueryLocalizerPlugin');
+		if ($this->Get('language') !== '') {
+			// If a language is specified for this action, force this language
+			// when rendering all placeholders inside this message
+			Dict::SetUserLanguage($this->Get('language'));
+			AttributeDateTime::LoadFormatFromConfig();
+			ApplicationContext::SetPluginProperty('QueryLocalizerPlugin', 'language_code', $this->Get('language'));
+		}
+
+		try
+		{
+			$this->m_iRecipients = 0;
+			$this->m_aMailErrors = array();
+			
+			// Determine recipients
+			//
+			$aMessageContent['to'] = $this->FindRecipients('to', $aContextArgs);
+			$aMessageContent['cc'] = $this->FindRecipients('cc', $aContextArgs);
+			$aMessageContent['bcc'] = $this->FindRecipients('bcc', $aContextArgs);
+			
+			$aMessageContent['from'] = MetaModel::ApplyParams($this->Get('from'), $aContextArgs);
+			$aMessageContent['from_label'] = MetaModel::ApplyParams($this->Get('from_label'), $aContextArgs);
+			$aMessageContent['reply_to'] = MetaModel::ApplyParams($this->Get('reply_to'), $aContextArgs);
+			$aMessageContent['reply_to_label'] = MetaModel::ApplyParams($this->Get('reply_to_label'), $aContextArgs);
+			
+			$aMessageContent['subject'] = MetaModel::ApplyParams($this->Get('subject'), $aContextArgs);
+			$sBody = $this->BuildMessageBody(false);
+			$aMessageContent['body'] = MetaModel::ApplyParams($sBody, $aContextArgs);
+			
+			$oObj = $aContextArgs['this->object()'];
+			$aMessageContent['message_id'] = $this->GenerateIdentifierForHeaders($oObj, static::ENUM_HEADER_NAME_MESSAGE_ID);
+			$aMessageContent['references'] = $this->GenerateIdentifierForHeaders($oObj, static::ENUM_HEADER_NAME_REFERENCES);
+		}
+		catch (Exception $e) {
+			/** @noinspection PhpUnhandledExceptionInspection */
+			throw $e;
+		}
+		finally {
+			ApplicationContext::SetUrlMakerClass($sPreviousUrlMaker);
+			Dict::SetUserLanguage($sPreviousLanguage);
+			AttributeDateTime::LoadFormatFromConfig();
+			ApplicationContext::SetPluginProperty('QueryLocalizerPlugin', 'language_code', $aPreviousPluginProperties['language_code'] ?? null);
+		}
+		
+		if (!is_null($oLog)) {
+			// Note: we have to secure this because those values are calculated
+			// inside the try statement, and we would like to keep track of as
+			// many data as we could while some variables may still be undefined
+			if (isset($aMessageContent['to'])) {
+				$oLog->Set('to', $aMessageContent['to']);
+			}
+			if (isset($aMessageContent['cc'])) {
+				$oLog->Set('cc', $aMessageContent['cc']);
+			}
+			if (isset($aMessageContent['bcc'])) {
+				$oLog->Set('bcc', $aMessageContent['bcc']);
+			}
+			if (isset($aMessageContent['from'])) {
+				$oLog->Set('from', $aMessageContent['from']);
+			}
+			if (isset($aMessageContent['subject'])) {
+				$oLog->Set('subject', $aMessageContent['subject']);
+			}
+			if (isset($aMessageContent['body'])) {
+				$oLog->Set('body', HTMLSanitizer::Sanitize($aMessageContent['body']));
+			}
+		}
+		$sStyles = file_get_contents(APPROOT.'css/email.css');
+		$sStyles .= MetaModel::GetConfig()->Get('email_css');
+		
+		if ($this->IsBeingTested()) {
+			$sTestBody = $aMessageContent['body'];
+			$sTestBody .= "<div style=\"border: dashed;\">\n";
+			$sTestBody .= "<h1>Testing email notification ".$this->GetHyperlink()."</h1>\n";
+			$sTestBody .= "<p>The email should be sent with the following properties\n";
+			$sTestBody .= "<ul>\n";
+			$sTestBody .= "<li>TO: {$aMessageContent['to']}</li>\n";
+			$sTestBody .= "<li>CC: {$aMessageContent['cc']}</li>\n";
+			$sTestBody .= "<li>BCC: {$aMessageContent['bcc']}</li>\n";
+			$sTestBody .= empty($aMessageContent['from_label']) ? "<li>From: {$aMessageContent['from']}</li>\n" : "<li>From: {$aMessageContent['from_label']} &lt;{$aMessageContent['from']}&gt;</li>\n";
+			$sTestBody .= empty($aMessageContent['reply_to_label']) ? "<li>Reply-To: {$aMessageContent['reply_to']}</li>\n" : "<li>Reply-To: {$aMessageContent['reply_to_label']} &lt;{$aMessageContent['reply_to']}&gt;</li>\n";
+			$sTestBody .= "<li>References: {$aMessageContent['references']}</li>\n";
+			$sTestBody .= "</ul>\n";
+			$sTestBody .= "</p>\n";
+			$sTestBody .= "</div>\n";
+			$aMessageContent['subject'] = 'TEST['.$aMessageContent['subject'].']';
+			$aMessageContent['body'] = $sTestBody;
+			$aMessageContent['to'] = $this->Get('test_recipient');
+			// N°6677 Ensure emails in test are never sent to cc'd and bcc'd addresses
+			$aMessageContent['cc'] = '';
+			$aMessageContent['bcc'] = '';
+		}
+		// Note: N°4849 We pass the "References" identifier instead of the "Message-ID" on purpose as we want notifications emails to group around the triggering iTop object, not just the users' replies to the notification
+		$aMessageContent['in_reply_to'] = $aMessageContent['references'];
+		
+		if (isset($aContextArgs['attachments']))
+		{
+			$aAttachmentReport = array();
+			foreach($aContextArgs['attachments'] as $oDocument)
+			{
+				$aMessageContent['attachments'][] = ['data' => $oDocument->GetData(), 'filename' => $oDocument->GetFileName(), 'mime_type' => $oDocument->GetMimeType()];
+				$aAttachmentReport[] = array($oDocument->GetFileName(), $oDocument->GetMimeType(), strlen($oDocument->GetData()));
+			}
+			$oLog->Set('attachments', $aAttachmentReport);
+		}
+		
+		return $aMessageContent;
+	}
+
 	/**
 	 * @param \DBObject $oObject
 	 * @param string $sHeaderName {@see \ActionEmail::ENUM_HEADER_NAME_REFERENCES}, {@see \ActionEmail::ENUM_HEADER_NAME_MESSAGE_ID}
 	 *
 	 * @return string The formatted identifier for $sHeaderName based on $oObject
 	 * @throws \Exception
-	 * @since 3.0.1 N°4849
+	 * @since 3.1.0 N°4849
 	 */
 	protected function GenerateIdentifierForHeaders(DBObject $oObject, string $sHeaderName): string
 	{
@@ -629,4 +712,65 @@ class ActionEmail extends ActionNotification
 		]);
 		throw new Exception($sErrorMessage);
 	}
+	
+	/**
+	 * Compose the body of the message from the 'body' attribute and the HTML template (if any)
+	 * @since 3.1.0 N°4849
+	 * @param bool $bHighlightPlaceholders If true add some extra HTML around placeholders to highlight them 
+	 * @return string
+	 */
+	protected function BuildMessageBody(bool $bHighlightPlaceholders = false): string
+	{
+		$sBody = $this->Get('body');
+		/**  @var ormDocument $oHtmlTemplate */
+		$oHtmlTemplate = $this->Get('html_template');
+		if ($oHtmlTemplate && !$oHtmlTemplate->IsEmpty()) {
+			$sHtmlTemplate = $oHtmlTemplate->GetData();
+			if (false !== mb_strpos($sHtmlTemplate, static::TEMPLATE_BODY_CONTENT)) {
+				if ($bHighlightPlaceholders) {
+					// Highlight the $content$ block
+					$sBody = sprintf(static::CONTENT_HIGHLIGHT, $sBody);
+				}
+				$sBody = str_replace(static::TEMPLATE_BODY_CONTENT, $sBody, $oHtmlTemplate->GetData()); // str_replace is ok as long as both strings are well-formed UTF-8
+			} else {
+				$sBody = $oHtmlTemplate->GetData();
+			}
+		}
+		if($bHighlightPlaceholders) {
+			// Highlight all placeholders
+			$sBody = preg_replace('/\\$([^$]+)\\$/', static::FIELD_HIGHLIGHT, $sBody);
+		}
+		return $sBody;
+	}
+	
+	/**
+	 * @since 3.1.0 N°4849
+	 * @inheritDoc
+	 * @see cmdbAbstractObject::DisplayBareRelations()
+	 */
+	public function DisplayBareRelations(WebPage $oPage, $bEditMode = false)
+	{
+		parent::DisplayBareRelations($oPage, false);
+		if (!$bEditMode) {
+			$oPage->SetCurrentTab('action_email__preview', Dict::S('ActionEmail:preview_tab'), Dict::S('ActionEmail:preview_tab+'));
+			$sBody = $this->BuildMessageBody(true);
+			TwigHelper::RenderIntoPage($oPage, APPROOT.'/', 'templates/datamodel/ActionEmail/email-notification-preview', ['iframe_content' => $sBody]);
+		}
+	}
+
+	/**
+	 * @since 3.1.0
+	 * @inheritDoc
+	 * @see cmdbAbstractObject::DoCheckToWrite()
+	 */
+	public function DoCheckToWrite()
+	{
+		parent::DoCheckToWrite();
+		$oHtmlTemplate = $this->Get('html_template');
+		if ($oHtmlTemplate && !$oHtmlTemplate->IsEmpty()) {
+			if (false === mb_strpos($oHtmlTemplate->GetData(), static::TEMPLATE_BODY_CONTENT)) {
+				$this->m_aCheckWarnings[] = Dict::Format('ActionEmail:content_placeholder_missing', static::TEMPLATE_BODY_CONTENT, Dict::S('Class:ActionEmail/Attribute:body'));
+			}
+		}
+	}
 }

core/attributedef.class.inc.php

@@ -9,8 +9,7 @@ use Combodo\iTop\Application\UI\Links\Set\BlockLinkSetDisplayAsProperty;
 use Combodo\iTop\Form\Field\LabelField;
 use Combodo\iTop\Form\Field\TextAreaField;
 use Combodo\iTop\Form\Form;
-use Combodo\iTop\Form\Validator\NotEmptyExtKeyValidator;
-use Combodo\iTop\Form\Validator\Validator;
+use Combodo\iTop\Form\Validator\CustomRegexpValidator;
 use Combodo\iTop\Renderer\BlockRenderer;
 use Combodo\iTop\Renderer\Console\ConsoleBlockRenderer;
 use Combodo\iTop\Service\Links\LinkSetModel;
@@ -92,9 +91,6 @@ define('LINKSET_EDITMODE_ACTIONS', 2); // Show the usual 'Actions' popup menu
 define('LINKSET_EDITMODE_INPLACE', 3); // The "linked" objects can be created/modified/deleted in place
 define('LINKSET_EDITMODE_ADDREMOVE', 4); // The "linked" objects can be added/removed in place
 
-define('LINKSET_RELATIONTYPE_PROPERTY', 'property');
-define('LINKSET_RELATIONTYPE_LINK', 'link');
-
 define('LINKSET_DISPLAY_STYLE_PROPERTY', 'property');
 define('LINKSET_DISPLAY_STYLE_TAB', 'tab');
 
@@ -1125,7 +1121,7 @@ abstract class AttributeDefinition
 
 		// Validation pattern
 		if ($this->GetValidationPattern() !== '') {
-			$oFormField->AddValidator(new Validator($this->GetValidationPattern()));
+			$oFormField->AddValidator(new CustomRegexpValidator($this->GetValidationPattern()));
 		}
 
 		// Description
@@ -1154,6 +1150,13 @@ abstract class AttributeDefinition
 			$oFormField->AddMetadata('value-raw', (string)$oObject->Get($this->GetCode()));
 		}
 
+		// We don't want to invalidate field because of old untouched values that are no longer valid
+		$aModifiedAttCodes = $oObject->ListChanges();
+		$bAttributeHasBeenModified = array_key_exists($this->GetCode(), $aModifiedAttCodes);
+		if (false === $bAttributeHasBeenModified) {
+			$oFormField->SetValidationDisabled(true);
+		}
+
 		return $oFormField;
 	}
 
@@ -1696,22 +1699,12 @@ class AttributeLinkedSet extends AttributeDefinition
 
 	/**
 	 * @return string see LINKSET_EDITMODE_* constants
-	 * @since 3.1.0 N°5563 relations are edited using new attributes in details mode, but as nothing changed in edit mode we are still using edit_mode attribute
 	 */
 	public function GetEditMode()
 	{
 		return $this->GetOptional('edit_mode', LINKSET_EDITMODE_ACTIONS);
 	}
 
-	/**
-	 * @return string see LINKSET_RELATIONTYPE_* constants
-	 * @since 3.1.0 N°5563
-	 */
-	public function GetRelationType()
-	{
-		return $this->GetOptional('relation_type', LINKSET_RELATIONTYPE_LINK);
-	}
-
 	/**
 	 * @return string see LINKSET_DISPLAY_STYLE_* constants
 	 * @since 3.1.0 N°3190
@@ -1727,12 +1720,13 @@ class AttributeLinkedSet extends AttributeDefinition
 	}
 
 	/**
-	 * @return boolean
-	 * @since 3.1.0 N°5563
+	 * Indicates if the current Attribute has constraints (php constraints or datamodel constraints)
+	 * @return bool true if Attribute has constraints
+	 * @since 3.1.0 N°6228
 	 */
-	public function GetReadOnly()
+	public function GetHasConstraint()
 	{
-		return $this->GetOptional('read_only', false);
+		return $this->GetOptional('with_php_constraint', false);
 	}
 
 	public function GetLinkedClass()
@@ -1761,12 +1755,58 @@ class AttributeLinkedSet extends AttributeDefinition
 	}
 
 	/** @inheritDoc * */
-	public function GetAsHTML($sValue, $oHostObject = null, $bLocalize = true): string
+	public function GetAsHTML($sValue, $oHostObject = null, $bLocalize = true)
+	{
+		if($this->GetDisplayStyle() === LINKSET_DISPLAY_STYLE_TAB){
+			return $this->GetAsHTMLForTab($sValue, $oHostObject, $bLocalize);
+		}
+		else{
+			return $this->GetAsHTMLForProperty($sValue, $oHostObject, $bLocalize);
+		}
+	}
+
+	public function GetAsHTMLForTab($sValue, $oHostObject = null, $bLocalize = true)
+	{
+		if (is_object($sValue) && ($sValue instanceof ormLinkSet))
+		{
+			$sValue->Rewind();
+			$aItems = array();
+			while ($oObj = $sValue->Fetch())
+			{
+				// Show only relevant information (hide the external key to the current object)
+				$aAttributes = array();
+				foreach(MetaModel::ListAttributeDefs($this->GetLinkedClass()) as $sAttCode => $oAttDef)
+				{
+					if ($sAttCode == $this->GetExtKeyToMe())
+					{
+						continue;
+					}
+					if ($oAttDef->IsExternalField())
+					{
+						continue;
+					}
+					$sAttValue = $oObj->GetAsHTML($sAttCode);
+					if (strlen($sAttValue) > 0)
+					{
+						$aAttributes[] = $sAttValue;
+					}
+				}
+				$sAttributes = implode(', ', $aAttributes);
+				$aItems[] = $sAttributes;
+			}
+
+			return implode('<br/>', $aItems);
+		}
+
+		return null;
+	}
+
+	public function GetAsHTMLForProperty($sValue, $oHostObject = null, $bLocalize = true): string
 	{
 		try {
 
 			/** @var ormLinkSet $sValue */
-			if ($sValue->Count() === 0) {
+			if (is_null($sValue) || $sValue->Count() === 0) {
 				return '';
 			}
 
@@ -2385,43 +2425,61 @@ class AttributeLinkedSet extends AttributeDefinition
 	{
 		if ($oFormField === null)
 		{
-            $sFormFieldClass = static::GetFormFieldClass();
-            $oFormField = new $sFormFieldClass($this->GetCode());
-        }
+			$sFormFieldClass = static::GetFormFieldClass();
+			$oFormField = new $sFormFieldClass($this->GetCode());
+		}
 
-        // Setting target class
+		// Setting target class
 		if (!$this->IsIndirect()) {
-            $sTargetClass = $this->GetLinkedClass();
-        } else {
-            /** @var \AttributeExternalKey $oRemoteAttDef */
-            /** @var \AttributeLinkedSetIndirect $this */
-            $oRemoteAttDef = MetaModel::GetAttributeDef($this->GetLinkedClass(), $this->GetExtKeyToRemote());
-            $sTargetClass = $oRemoteAttDef->GetTargetClass();
+			$sTargetClass = $this->GetLinkedClass();
+		} else {
+			/** @var \AttributeExternalKey $oRemoteAttDef */
+			/** @var \AttributeLinkedSetIndirect $this */
+			$oRemoteAttDef = MetaModel::GetAttributeDef($this->GetLinkedClass(), $this->GetExtKeyToRemote());
+			$sTargetClass = $oRemoteAttDef->GetTargetClass();
 
-            /** @var \AttributeLinkedSetIndirect $this */
-            $oFormField->SetExtKeyToRemote($this->GetExtKeyToRemote());
-        }
-        $oFormField->SetTargetClass($sTargetClass);
-        $oFormField->SetIndirect($this->IsIndirect());
-        // Setting attcodes to display
-        $aAttCodesToDisplay = MetaModel::FlattenZList(MetaModel::GetZListItems($sTargetClass, 'list'));
-        // - Adding friendlyname attribute to the list is not already in it
-        $sTitleAttCode = MetaModel::GetFriendlyNameAttributeCode($sTargetClass);
-        if (($sTitleAttCode !== null) && !in_array($sTitleAttCode, $aAttCodesToDisplay)) {
-            $aAttCodesToDisplay = array_merge(array($sTitleAttCode), $aAttCodesToDisplay);
-        }
-        // - Adding attribute labels
-        $aAttributesToDisplay = array();
-        foreach ($aAttCodesToDisplay as $sAttCodeToDisplay) {
-            $oAttDefToDisplay = MetaModel::GetAttributeDef($sTargetClass, $sAttCodeToDisplay);
-            $aAttributesToDisplay[$sAttCodeToDisplay] = $oAttDefToDisplay->GetLabel();
-        }
-        $oFormField->SetAttributesToDisplay($aAttributesToDisplay);
+			/** @var \AttributeLinkedSetIndirect $this */
+			$oFormField->SetExtKeyToRemote($this->GetExtKeyToRemote());
+		}
+		$oFormField->SetTargetClass($sTargetClass);
+		$oFormField->SetLinkedClass($this->GetLinkedClass());
+		$oFormField->SetIndirect($this->IsIndirect());
+		// Setting attcodes to display
+		$aAttCodesToDisplay = MetaModel::FlattenZList(MetaModel::GetZListItems($sTargetClass, 'list'));
+		// - Adding friendlyname attribute to the list is not already in it
+		$sTitleAttCode = MetaModel::GetFriendlyNameAttributeCode($sTargetClass);
+		if (($sTitleAttCode !== null) && !in_array($sTitleAttCode, $aAttCodesToDisplay)) {
+			$aAttCodesToDisplay = array_merge(array($sTitleAttCode), $aAttCodesToDisplay);
+		}
+		// - Adding attribute properties
+		$aAttributesToDisplay = array();
+		foreach ($aAttCodesToDisplay as $sAttCodeToDisplay) {
+			$oAttDefToDisplay = MetaModel::GetAttributeDef($sTargetClass, $sAttCodeToDisplay);
+			$aAttributesToDisplay[$sAttCodeToDisplay] = [
+				'att_code' => $sAttCodeToDisplay,
+				'label'    => $oAttDefToDisplay->GetLabel(),
+			];
+		}
+		$oFormField->SetAttributesToDisplay($aAttributesToDisplay);
 
-        parent::MakeFormField($oObject, $oFormField);
+		// Append lnk attributes (filtered from zlist)
+		if ($this->IsIndirect()) {
+			$aLnkAttDefToDisplay = MetaModel::GetZListAttDefsFilteredForIndirectLinkClass($this->m_sHostClass, $this->m_sCode);
+			$aLnkAttributesToDisplay = array();
+			foreach ($aLnkAttDefToDisplay as $oLnkAttDefToDisplay) {
+				$aLnkAttributesToDisplay[$oLnkAttDefToDisplay->GetCode()] = [
+					'att_code'  => $oLnkAttDefToDisplay->GetCode(),
+					'label'     => $oLnkAttDefToDisplay->GetLabel(),
+					'mandatory' => !$oLnkAttDefToDisplay->IsNullAllowed(),
+				];
+			}
+			$oFormField->SetLnkAttributesToDisplay($aLnkAttributesToDisplay);
+		}
 
-        return $oFormField;
-    }
+		parent::MakeFormField($oObject, $oFormField);
+
+		return $oFormField;
+	}
 
     public function IsPartOfFingerprint()
     {
@@ -2527,15 +2585,6 @@ class AttributeLinkedSetIndirect extends AttributeLinkedSet
 		return $this->GetOptional("duplicates", false);
 	} // The same object may be linked several times... or not...
 
-	/**
-	 * @return boolean
-	 * @since 3.1.0 N°5563
-	 */
-	public function GetReadOnly()
-	{
-		return $this->GetOptional('read_only', false);
-	}
-
 	public function GetTrackingLevel()
 	{
 		return $this->GetOptional('tracking_level',
@@ -3120,7 +3169,7 @@ class AttributeDecimal extends AttributeDBField
 		$iPrecision = $this->Get('decimals');
 		$iNbIntegerDigits = $iNbDigits - $iPrecision - 1; // -1 because the first digit is treated separately in the pattern below
 
-		return "^[-+]?[0-9]\d{0,$iNbIntegerDigits}(\.\d{0,$iPrecision})?$";
+		return "^[\-\+]?[0-9]\d{0,$iNbIntegerDigits}(\.\d{0,$iPrecision})?$";
 	}
 
 	public function GetBasicFilterOperators()
@@ -3842,6 +3891,12 @@ class AttributeApplicationLanguage extends AttributeString
 		{
 			$aLanguageCodes[$sLangCode] = $aInfo['description'].' ('.$aInfo['localized_description'].')';
 		}
+
+		// N°6462 This should be sorted directly in \Dict during the compilation but we can't for 2 reasons:
+		// - Additional languages can be added on the fly even though it is not recommended
+		// - Formatting is done at run time (just above)
+		natcasesort($aLanguageCodes);
+
 		$aParams["allowed_values"] = new ValueSetEnum($aLanguageCodes);
 		parent::__construct($sCode, $aParams);
 	}
@@ -4132,7 +4187,7 @@ class AttributePassword extends AttributeString implements iAttributeNoGroupBy
 
 	public function GetAsHTML($sValue, $oHostObject = null, $bLocalize = true)
 	{
-		if (strlen($sValue) == 0)
+		if (utils::IsNullOrEmptyString($sValue))
 		{
 			return '';
 		}
@@ -5900,6 +5955,14 @@ class AttributeEnum extends AttributeString
 			$aLocalizedValues[$sKey] = $this->GetValueLabel($sKey);
 		}
 
+		// Sort by label only if necessary
+		// See N°1646 and {@see \MFCompiler::CompileAttributeEnumValues()} for complete information as for why sort on labels is done at runtime while other sorting are done at compile time
+		/** @var \ValueSetEnum $oValueSetDef */
+		$oValueSetDef = $this->GetValuesDef();
+		if ($oValueSetDef->IsSortedByValues()) {
+			asort($aLocalizedValues);
+		}
+
 		return $aLocalizedValues;
 	}
 
@@ -6175,7 +6238,7 @@ class AttributeDateTime extends AttributeDBField
 	/**
 	 * Load the 3 settings: date format, time format and data_time format from the configuration
 	 */
-	protected static function LoadFormatFromConfig()
+	public static function LoadFormatFromConfig()
 	{
 		$aFormats = MetaModel::GetConfig()->Get('date_and_time_format');
 		$sLang = Dict::GetUserLanguage();
@@ -7157,14 +7220,27 @@ class AttributeExternalKey extends AttributeDBFieldVoid
 		{
 			return 0;
 		}
-		if (MetaModel::IsValidObject($proposedValue))
-		{
+		if (MetaModel::IsValidObject($proposedValue)) {
 			return $proposedValue->GetKey();
 		}
 
 		return (int)$proposedValue;
 	}
 
+	/** @inheritdoc  @since 3.1 */
+	public function WriteExternalValues(DBObject $oHostObject): void
+	{
+		$sTargetKey = $oHostObject->Get($this->GetCode());
+		$oFilter = DBSearch::FromOQL('SELECT `'.TemporaryObjectDescriptor::class.'` WHERE item_class=:class AND item_id=:id');
+		$oSet = new DBObjectSet($oFilter, [], ['class' => $this->GetTargetClass(), 'id' => $sTargetKey]);
+		while ($oTemporaryObjectDescriptor = $oSet->Fetch()) {
+			$oTemporaryObjectDescriptor->Set('host_class', get_class($oHostObject));
+			$oTemporaryObjectDescriptor->Set('host_id', $oHostObject->GetKey());
+			$oTemporaryObjectDescriptor->Set('host_att_code', $this->GetCode());
+			$oTemporaryObjectDescriptor->DBUpdate();
+		}
+	}
+
 	public function GetMaximumComboLength()
 	{
 		return $this->GetOptional('max_combo_length', MetaModel::GetConfig()->Get('max_combo_length'));
@@ -7228,6 +7304,7 @@ class AttributeExternalKey extends AttributeDBFieldVoid
 
 	public function MakeFormField(DBObject $oObject, $oFormField = null)
 	{
+		/** @var \Combodo\iTop\Form\Field\Field $oFormField */
 		if ($oFormField === null) {
 			// Later : We should check $this->Get('display_style') and create a Radio / Select / ... regarding its value
 			$sFormFieldClass = static::GetFormFieldClass();
@@ -7258,19 +7335,12 @@ class AttributeExternalKey extends AttributeDBFieldVoid
 				}
 			});
 		}
-		else
-		{
+		else {
 			$oSearch = DBSearch::FromOQL($this->GetValuesDef()->GetFilterExpression());
 			$oSearch->SetInternalParams(array('this' => $oObject));
 			$oFormField->SetSearch($oSearch);
 		}
 
-		// If ExtKey is mandatory, we add a validator to ensure that the value 0 is not selected
-		if ($oObject->GetAttributeFlags($this->GetCode()) & OPT_ATT_MANDATORY)
-		{
-			$oFormField->AddValidator(new NotEmptyExtKeyValidator());
-		}
-
 		parent::MakeFormField($oObject, $oFormField);
 
 		return $oFormField;
@@ -7896,6 +7966,17 @@ class AttributeExternalField extends AttributeDefinition
 		return $oExtAttDef->MakeRealValue($proposedValue, $oHostObj);
 	}
 
+	/**
+	 * @inheritDoc
+	 * @since 3.1.0 N°6271 Delegate to remote attribute to ensure cascading computed values
+	 */
+	public function GetSQLValues($value)
+	{
+		$oExtAttDef = $this->GetExtAttDef();
+
+		return $oExtAttDef->GetSQLValues($value);
+	}
+
 	public function ScalarToSQL($value)
 	{
 		// This one could be used in case of filtering only
@@ -8304,7 +8385,7 @@ class AttributeBlob extends AttributeDefinition
 			$aValues[$this->GetCode().'_data'] = '';
 			$aValues[$this->GetCode().'_mimetype'] = '';
 			$aValues[$this->GetCode().'_filename'] = '';
-			$aValues[$this->GetCode().'_downloads_count'] = ''; // Note: Should this be set to \ormDocument::DEFAULT_DOWNLOADS_COUNT ?
+			$aValues[$this->GetCode().'_downloads_count'] = ormDocument::DEFAULT_DOWNLOADS_COUNT;
 		}
 
 		return $aValues;
@@ -8494,6 +8575,22 @@ class AttributeBlob extends AttributeDefinition
 		return utils::IsNotNullOrEmptyString($proposedValue->GetData()) && utils::IsNotNullOrEmptyString($proposedValue->GetFileName());
 	}
 
+	/**
+	 * @inheritDoc
+	 * @param \ormDocument $original
+	 * @param \ormDocument $value
+	 * @since N°6502
+	 */
+	public function RecordAttChange(DBObject $oObject, $original, $value): void
+	{
+		// N°6502 Don't record history if only the download count has changed
+		if ($original->EqualsExceptDownloadsCount($value)) {
+			return;
+		}
+
+		parent::RecordAttChange($oObject, $original, $value);
+	}
+
 	protected function GetChangeRecordAdditionalData(CMDBChangeOp $oMyChangeOp, DBObject $oObject, $original, $value): void
 	{
 		if (is_null($original)) {
@@ -8653,7 +8750,7 @@ class AttributeImage extends AttributeBlob
 			return 'data:'.$value->GetMimeType().';base64,'.base64_encode($value->GetData());
 		}
 
-		return $value->GetDownloadURL(get_class($oHostObject), $oHostObject->GetKey(), $this->GetCode());
+		return $value->GetDisplayURL(get_class($oHostObject), $oHostObject->GetKey(), $this->GetCode());
 	}
 
 	public static function GetFormFieldClass()
@@ -8680,8 +8777,11 @@ class AttributeImage extends AttributeBlob
 		}
 		else
 		{
-			$oFormField->SetDownloadUrl($this->Get('default_image'));
-			$oFormField->SetDisplayUrl($this->Get('default_image'));
+			$oDefaultImage = $this->Get('default_image');
+			if (is_object($oDefaultImage) && !$oDefaultImage->IsEmpty()) {
+				$oFormField->SetDownloadUrl($oDefaultImage);
+				$oFormField->SetDisplayUrl($oDefaultImage);
+			}
 		}
 
 		return $oFormField;
@@ -11260,6 +11360,9 @@ class AttributeClassAttCodeSet extends AttributeSet
 			}
 			$aAllowedAttributes[$sAttCode] = $sLabel;
 		}
+		// N°6460 Always sort on the labels, not on the datamodel definition order
+		natcasesort($aAllowedAttributes);
+
 		return $aAllowedAttributes;
 	}
 

core/autoload.php

@@ -35,6 +35,7 @@ MetaModel::IncludeModule('synchro/synchrodatasource.class.inc.php');
 MetaModel::IncludeModule('core/backgroundtask.class.inc.php');
 MetaModel::IncludeModule('core/inlineimage.class.inc.php');
 MetaModel::IncludeModule('core/counter.class.inc.php');
+MetaModel::IncludeModule('core/TemporaryObjectDescriptor.php');
 
 MetaModel::IncludeModule('webservices/webservices.basic.php');
 

core/bulkchange.class.inc.php

@@ -37,6 +37,14 @@ abstract class CellChangeSpec
 		return $this->m_proposedValue;
 	}
 
+	/**
+	 * @since 3.1.0 N°5305
+	 */
+	public function SetDisplayableValue(string $sDisplayableValue)
+	{
+		$this->m_proposedValue = $sDisplayableValue;
+	}
+
 	public function GetOql()
 	{
 		return $this->m_sOql;
@@ -136,6 +144,12 @@ class CellStatus_SearchIssue extends CellStatus_Issue
 	/** @var string|null $m_sTargetClass */
 	private $m_sTargetClass;
 
+	/**
+	 * @since 3.1.0 N°5305
+	 * @var string $sAllowedValuesSearch
+	 */
+	private $sAllowedValuesSearch;
+
 	/**
 	 * CellStatus_SearchIssue constructor.
 	 * @since 3.1.0 N°5305
@@ -144,13 +158,15 @@ class CellStatus_SearchIssue extends CellStatus_Issue
 	 * @param string $sReason : main message
 	 * @param null $sClass : used for additional message that provides allowed values for current class $sClass
 	 * @param null $sAllowedValues : used for additional message that provides allowed values $sAllowedValues for current class
+	 * @param string|null $sAllowedValuesSearch : used to search all allowed values
 	 */
-	public function __construct($sSerializedSearch, $sReason, $sClass=null, $sAllowedValues=null)
+	public function __construct($sSerializedSearch, $sReason, $sClass=null, $sAllowedValues=null, string $sAllowedValuesSearch=null)
 	{
 		parent::__construct(null, null, $sReason);
 		$this->sSerializedSearch = $sSerializedSearch;
 		$this->m_sAllowedValues = $sAllowedValues;
 		$this->m_sTargetClass = $sClass;
+		$this->sAllowedValuesSearch = $sAllowedValuesSearch;
 	}
 
 	public function GetDisplayableValue()
@@ -182,6 +198,17 @@ class CellStatus_SearchIssue extends CellStatus_Issue
 			rawurlencode($this->sSerializedSearch)
 		);
 	}
+
+	/**
+	 * @since 3.1.0 N°5305
+	 * @return null|string
+	 */
+	public function GetAllowedValuesLinkUrl(): ?string
+	{
+		return sprintf("UI.php?operation=search&filter=%s",
+			rawurlencode($this->sAllowedValuesSearch)
+		);
+	}
 }
 
 class CellStatus_NullIssue extends CellStatus_Issue
@@ -745,6 +772,7 @@ class BulkChange
 		$oDbSearchWithoutAnyCondition->AllowAllData(false);
 		$oExtObjectSetWithCurrentUserPermissions = new CMDBObjectSet($oDbSearchWithoutAnyCondition);
 		$iCurrentUserRightsObjectCount = $oExtObjectSetWithCurrentUserPermissions->Count();
+		$sAllowedValuesOql = $oDbSearchWithoutAnyCondition->serialize();
 
 		if ($iCurrentUserRightsObjectCount === 0){
 			// No objects visible by current user
@@ -785,7 +813,7 @@ class BulkChange
 		if ($iAllowAllDataObjectCount != $iCurrentUserRightsObjectCount) {
 			// No match and some objects NOT visible by current user. including current search maybe...
 			$sReason = Dict::Format('UI:CSVReport-Value-NoMatch-SomeObjectNotVisibleForCurrentUser', $oDbSearchWithConditions->GetClass());
-			return new CellStatus_SearchIssue($sSerializedSearch, $sReason, $oDbSearchWithConditions->GetClass(), $allowedValues);
+			return new CellStatus_SearchIssue($sSerializedSearch, $sReason, $oDbSearchWithConditions->GetClass(), $allowedValues, $sAllowedValuesOql);
 		}
 
 		// No match. This is not linked to any right issue
@@ -796,7 +824,7 @@ class BulkChange
 		}
 		$value =implode(" ", $aCurrentValueFields);
 		$sReason = Dict::Format('UI:CSVReport-Value-NoMatch', $value);
-		return new CellStatus_SearchIssue($sSerializedSearch, $sReason, $oDbSearchWithConditions->GetClass(), $allowedValues);
+		return new CellStatus_SearchIssue($sSerializedSearch, $sReason, $oDbSearchWithConditions->GetClass(), $allowedValues, $sAllowedValuesOql);
 	}
 
 	protected function PrepareMissingObject(&$oTargetObj, &$aErrors)

core/cmdbchange.class.inc.php

@@ -19,17 +19,17 @@ class CMDBChange extends DBObject
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "autoincrement",
-			"name_attcode" => "date",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_change",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "autoincrement",
+			"name_attcode"        => "date",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_change",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
-			'indexes' => array(
+			'indexes'             => array(
 				array('origin'),
-			)
+			),
 		);
 		MetaModel::Init_Params($aParams);
 		//MetaModel::Init_InheritAttributes();

core/cmdbchangeop.class.inc.php

@@ -52,17 +52,17 @@ class CMDBChangeOp extends DBObject implements iCMDBChangeOp
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "autoincrement",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "autoincrement",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "optype",
-			'indexes' => array(
+			'indexes'             => array(
 				array('objclass', 'objkey'),
-			)
+			),
 		);
 		MetaModel::Init_Params($aParams);
 		//MetaModel::Init_InheritAttributes();
@@ -121,13 +121,13 @@ class CMDBChangeOpCreate extends CMDBChangeOp
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_create",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_create",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -157,13 +157,13 @@ class CMDBChangeOpDelete extends CMDBChangeOp
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_delete",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_delete",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -198,13 +198,13 @@ class CMDBChangeOpSetAttribute extends CMDBChangeOp
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_setatt",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_setatt",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -231,13 +231,13 @@ class CMDBChangeOpSetAttributeScalar extends CMDBChangeOpSetAttribute
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_setatt_scalar",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_setatt_scalar",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -290,14 +290,14 @@ class CMDBChangeOpSetAttributeTagSet extends CMDBChangeOpSetAttribute
     {
         $aParams = array
         (
-            "category" => "core/cmdb",
-            "key_type" => "",
-            "name_attcode" => "change",
-            "state_attcode" => "",
-            "reconc_keys" => array(),
-            "db_table" => "priv_changeop_setatt_tagset",
-            "db_key_field" => "id",
-            "db_finalclass_field" => "",
+	        "category"            => "core/cmdb, grant_by_profile",
+	        "key_type"            => "",
+	        "name_attcode"        => "change",
+	        "state_attcode"       => "",
+	        "reconc_keys"         => array(),
+	        "db_table"            => "priv_changeop_setatt_tagset",
+	        "db_key_field"        => "id",
+	        "db_finalclass_field" => "",
         );
         MetaModel::Init_Params($aParams);
         MetaModel::Init_InheritAttributes();
@@ -350,7 +350,7 @@ class CMDBChangeOpSetAttributeURL extends CMDBChangeOpSetAttribute
 	{
 		$aParams = array
 		(
-			"category"            => "core/cmdb",
+			"category"            => "core/cmdb, grant_by_profile",
 			"key_type"            => "",
 			"name_attcode"        => "change",
 			"state_attcode"       => "",
@@ -419,13 +419,13 @@ class CMDBChangeOpSetAttributeBlob extends CMDBChangeOpSetAttribute
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_setatt_data",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_setatt_data",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -498,13 +498,13 @@ class CMDBChangeOpSetAttributeOneWayPassword extends CMDBChangeOpSetAttribute
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_setatt_pwd",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_setatt_pwd",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -561,13 +561,13 @@ class CMDBChangeOpSetAttributeEncrypted extends CMDBChangeOpSetAttribute
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_setatt_encrypted",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_setatt_encrypted",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -627,13 +627,13 @@ class CMDBChangeOpSetAttributeText extends CMDBChangeOpSetAttribute
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_setatt_text",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_setatt_text",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -695,13 +695,13 @@ class CMDBChangeOpSetAttributeLongText extends CMDBChangeOpSetAttribute
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_setatt_longtext",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_setatt_longtext",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -760,13 +760,13 @@ class CMDBChangeOpSetAttributeHTML extends CMDBChangeOpSetAttributeLongText
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_setatt_html",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_setatt_html",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -824,13 +824,13 @@ class CMDBChangeOpSetAttributeCaseLog extends CMDBChangeOpSetAttribute
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_setatt_log",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_setatt_log",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -903,13 +903,13 @@ class CMDBChangeOpPlugin extends CMDBChangeOp
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_plugin",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_plugin",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -944,13 +944,13 @@ abstract class CMDBChangeOpSetAttributeLinks extends CMDBChangeOpSetAttribute
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_links",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_links",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -977,13 +977,13 @@ class CMDBChangeOpSetAttributeLinksAddRemove extends CMDBChangeOpSetAttributeLin
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_links_addremove",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_links_addremove",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -1044,13 +1044,13 @@ class CMDBChangeOpSetAttributeLinksTune extends CMDBChangeOpSetAttributeLinks
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_links_tune",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_links_tune",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
@@ -1134,13 +1134,13 @@ class CMDBChangeOpSetAttributeCustomFields extends CMDBChangeOpSetAttribute
 	{
 		$aParams = array
 		(
-			"category" => "core/cmdb",
-			"key_type" => "",
-			"name_attcode" => "change",
-			"state_attcode" => "",
-			"reconc_keys" => array(),
-			"db_table" => "priv_changeop_setatt_custfields",
-			"db_key_field" => "id",
+			"category"            => "core/cmdb, grant_by_profile",
+			"key_type"            => "",
+			"name_attcode"        => "change",
+			"state_attcode"       => "",
+			"reconc_keys"         => array(),
+			"db_table"            => "priv_changeop_setatt_custfields",
+			"db_key_field"        => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);

core/cmdbobject.class.inc.php

@@ -469,7 +469,10 @@ abstract class CMDBObject extends DBObject
 	 */
 	public function DBDelete(&$oDeletionPlan = null)
 	{
-		return $this->DBDeleteTracked_Internal($oDeletionPlan);
+		$this->LogCRUDEnter(__METHOD__);
+		$oDeletionPlan = $this->DBDeleteTracked_Internal($oDeletionPlan);
+		$this->LogCRUDExit(__METHOD__);
+		return $oDeletionPlan;
 	}
 
 	/**
@@ -519,15 +522,6 @@ abstract class CMDBObject extends DBObject
 			utils::PopArchiveMode();
 		}
 	}
-
-	public function DBUpdate()
-	{
-		if (count($this->ListChanges()) === 0) {
-			$this->InitPreviousValuesForUpdatedAttributes();
-			return $this->GetKey();
-		}
-		return parent::DBUpdate(); // TODO: Change the autogenerated stub
-	}
 }
 
 

core/cmdbsource.class.inc.php

@@ -3,7 +3,7 @@
 //
 //   This file is part of iTop.
 //
-//   iTop is free software; you can redistribute it and/or modify	
+//   iTop is free software; you can redistribute it and/or modify
 //   it under the terms of the GNU Affero General Public License as published by
 //   the Free Software Foundation, either version 3 of the License, or
 //   (at your option) any later version.
@@ -380,7 +380,7 @@ class CMDBSource
 	public static function GetDBVendor()
 	{
 		$sDBVendor = static::ENUM_DB_VENDOR_MYSQL;
-		
+
 		$sVersionComment = static::GetServerVariable('version') .  ' - ' . static::GetServerVariable('version_comment');
 		if(preg_match('/mariadb/i', $sVersionComment) === 1)
 		{
@@ -390,7 +390,7 @@ class CMDBSource
 		{
 			$sDBVendor = static::ENUM_DB_VENDOR_PERCONA;
 		}
-		
+
 		return $sDBVendor;
 	}
 
@@ -431,6 +431,7 @@ class CMDBSource
 		{
 			self::$m_sDBName = '';
 		}
+		self::_TablesInfoCacheReset(); // reset the table info cache!
 	}
 
 	public static function CreateTable($sQuery)
@@ -607,8 +608,9 @@ class CMDBSource
 		{
 			self::LogDeadLock($e, true);
 			throw new MySQLException('Failed to issue SQL query', array('query' => $sSql, $e));
-		}
-		$oKPI->ComputeStats('Query exec (mySQL)', $sSql);
+		} finally {
+            $oKPI->ComputeStats('Query exec (mySQL)', $sSql);
+        }
 		if ($oResult === false) {
 			$aContext = array('query' => $sSql);
 
@@ -626,18 +628,24 @@ class CMDBSource
 	}
 
 	/**
-	 * @param \Exception $e
+	 * @param Exception $e
 	 * @param bool $bForQuery to get the proper DB connection
+	 * @param bool $bCheckMysqliErrno if false won't try to check for mysqli::errno value
 	 *
 	 * @since 2.7.1
 	 * @since 3.0.0 N°4325 add new optional parameter to use the correct DB connection
+	 * @since 3.0.4 3.1.1 3.2.0 N°6643 new bCheckMysqliErrno parameter as a workaround for mysqli::errno cannot be mocked
 	 */
-	private static function LogDeadLock(Exception $e, $bForQuery = false)
+	private static function LogDeadLock(Exception $e, $bForQuery = false, $bCheckMysqliErrno = true)
 	{
 		// checks MySQL error code
-		$iMySqlErrorNo = DbConnectionWrapper::GetDbConnection($bForQuery)->errno;
-		if (!in_array($iMySqlErrorNo, array(self::MYSQL_ERRNO_WAIT_TIMEOUT, self::MYSQL_ERRNO_DEADLOCK))) {
-			return;
+		if ($bCheckMysqliErrno) {
+			$iMySqlErrorNo = DbConnectionWrapper::GetDbConnection($bForQuery)->errno;
+			if (!in_array($iMySqlErrorNo, array(self::MYSQL_ERRNO_WAIT_TIMEOUT, self::MYSQL_ERRNO_DEADLOCK))) {
+				return;
+			}
+		} else {
+			$iMySqlErrorNo = "N/A";
 		}
 
 		// Get error info
@@ -664,7 +672,10 @@ class CMDBSource
 		);
 		DeadLockLog::Info($sMessage, $iMySqlErrorNo, $aLogContext);
 
-		IssueLog::Error($sMessage, LogChannels::DEADLOCK, $e->getMessage());
+		IssueLog::Error($sMessage, LogChannels::DEADLOCK, [
+			'exception.class' => get_class($e),
+			'exception.message' => $e->getMessage(),
+		]);
 	}
 
 	/**
@@ -923,7 +934,7 @@ class CMDBSource
 		{
 			throw new MySQLException('Failed to issue SQL query', array('query' => $sSql));
 		}
-				
+
 		while ($aRow = $oResult->fetch_array($iMode))
 		{
 			$aData[] = $aRow;
@@ -1077,7 +1088,7 @@ class CMDBSource
 		if (!array_key_exists($iKey, $aTableInfo["Fields"])) return false;
 		$aFieldData = $aTableInfo["Fields"][$iKey];
 		if (!array_key_exists("Key", $aFieldData)) return false;
-		return ($aFieldData["Key"] == "PRI"); 
+		return ($aFieldData["Key"] == "PRI");
 	}
 
 	public static function IsAutoIncrement($sTable, $sField)
@@ -1088,7 +1099,7 @@ class CMDBSource
 		$aFieldData = $aTableInfo["Fields"][$sField];
 		if (!array_key_exists("Extra", $aFieldData)) return false;
 		//MyHelpers::debug_breakpoint($aFieldData);
-		return (strstr($aFieldData["Extra"], "auto_increment")); 
+		return (strstr($aFieldData["Extra"], "auto_increment"));
 	}
 
 	public static function IsField($sTable, $sField)
@@ -1355,13 +1366,13 @@ class CMDBSource
 	public static function GetTableFieldsList($sTable)
 	{
 		assert(!empty($sTable));
-		
+
 		$aTableInfo = self::GetTableInfo($sTable);
 		if (empty($aTableInfo)) return array(); // #@# or an error ?
 
 		return array_keys($aTableInfo["Fields"]);
 	}
-	
+
 	// Cache the information about existing tables, and their fields
 	private static $m_aTablesInfo = array();
 	private static function _TablesInfoCacheReset($sTableName = null)
@@ -1494,7 +1505,7 @@ class CMDBSource
 		{
 			throw new MySQLException('Failed to issue SQL query', array('query' => $sSql));
 		}
-		
+
 		$aRows = array();
 		while ($aRow = $oResult->fetch_array(MYSQLI_ASSOC))
 		{
@@ -1503,7 +1514,7 @@ class CMDBSource
 		$oResult->free();
 		return $aRows;
 	}
-	
+
 	/**
 	 * Returns the value of the specified server variable
 	 * @param string $sVarName Name of the server variable
@@ -1519,7 +1530,7 @@ class CMDBSource
 	/**
 	 * Returns the privileges of the current user
 	 * @return string privileges in a raw format
-	 */	   	
+	 */
 	public static function GetRawPrivileges()
 	{
 		try
@@ -1545,8 +1556,8 @@ class CMDBSource
 
 	/**
 	 * Determine the slave status of the server
-	 * @return bool true if the server is slave 
-	 */	   	
+	 * @return bool true if the server is slave
+	 */
 	public static function IsSlaveServer()
 	{
 		try

core/config.class.inc.php

@@ -29,7 +29,7 @@ define('ITOP_APPLICATION_SHORT', 'iTop');
  *
  * @see ITOP_CORE_VERSION to get iTop core version
  */
-define('ITOP_VERSION', '3.1.0-dev');
+define('ITOP_VERSION', '3.1.1-dev');
 
 define('ITOP_VERSION_NAME', 'Fullmoon');
 define('ITOP_REVISION', 'svn');
@@ -137,7 +137,7 @@ class Config
 			'source_of_value'     => '',
 			'show_in_conf_sample' => false,
 		],
-		'log_purge.max_keep_days' => [
+		'log_purge.max_keep_days'                       => [
 			'type'                => 'integer',
 			'description'         => 'Optional purge number of days to keep logs.',
 			'default'             => 365,
@@ -145,7 +145,7 @@ class Config
 			'source_of_value'     => '',
 			'show_in_conf_sample' => false,
 		],
-		'event_service.debug.filter_events'  => [
+		'event_service.debug.filter_events'             => [
 			'type'                => 'array',
 			'description'         => 'List of events name to filter Event Service debug messages',
 			'default'             => [],
@@ -153,7 +153,7 @@ class Config
 			'source_of_value'     => '',
 			'show_in_conf_sample' => false,
 		],
-		'event_service.debug.filter_sources' => [
+		'event_service.debug.filter_sources'            => [
 			'type'                => 'array',
 			'description'         => 'List of event sources to filter Event Service debug messages',
 			'default'             => '',
@@ -161,6 +161,38 @@ class Config
 			'source_of_value'     => '',
 			'show_in_conf_sample' => false,
 		],
+		'temporary_object.force_creation'    => [
+			'type'                => 'bool',
+			'description'         => 'If true, all the objects created by the external key are temporary',
+			'default'             => false,
+			'value'               => false,
+			'source_of_value'     => '',
+			'show_in_conf_sample' => false,
+		],
+		'temporary_object.lifetime'          => [
+			'type'                => 'integer',
+			'description'         => 'Seconds for temporary objects created',
+			'default'             => 300,
+			'value'               => 300,
+			'source_of_value'     => '',
+			'show_in_conf_sample' => false,
+		],
+		'temporary_object.watchdog_interval' => [
+			'type'                => 'integer',
+			'description'         => 'Seconds between watchdog signals',
+			'default'             => 60,
+			'value'               => false,
+			'source_of_value'     => '',
+			'show_in_conf_sample' => false,
+		],
+		'temporary_object.garbage_interval'  => [
+			'type'                => 'integer',
+			'description'         => 'Seconds between garbage collections',
+			'default'             => 60,
+			'value'               => false,
+			'source_of_value'     => '',
+			'show_in_conf_sample' => false,
+		],
 		'app_env_label'                      => [
 			'type'                => 'string',
 			'description'         => 'Label displayed to describe the current application environment, defaults to the environment name (e.g. "production")',
@@ -185,7 +217,7 @@ class Config
 			'source_of_value'     => '',
 			'show_in_conf_sample' => false,
 		],
-		'db_host'                            => [
+		'db_host'                                       => [
 			'type'                => 'string',
 			'default'             => null,
 			'value'               => '',
@@ -624,22 +656,22 @@ class Config
 			'source_of_value'     => '',
 			'show_in_conf_sample' => false,
 		],
-		'email_transport_smtp.allow_self_signed' => array(
+		'email_transport_smtp.allow_self_signed' => [
 			'type'                => 'bool',
 			'description'         => 'Allow self signed peer certificates',
 			'default'             => false,
 			'value'               => false,
 			'source_of_value'     => '',
 			'show_in_conf_sample' => false,
-		),
-		'email_transport_smtp.verify_peer' => array(
+		],
+		'email_transport_smtp.verify_peer' => [
 			'type'                => 'bool',
 			'description'         => 'Verify peer certificate',
 			'default'             => true,
 			'value'               => true,
 			'source_of_value'     => '',
 			'show_in_conf_sample' => false,
-		),
+		],
 		'email_css' => [
 			'type' => 'string',
 			'description' => 'CSS that will override the standard stylesheet used for the notifications',
@@ -946,6 +978,14 @@ class Config
 			'source_of_value'     => '',
 			'show_in_conf_sample' => false,
 		],
+		'lifecycle.transitions_sort_type' => [
+			'type'                => 'string',
+			'description'         => 'How transitions will be sorted in the GUI. Possible values are "xml", "alphabetical", "fixed" or "relative"',
+			'default'             => DBObject::DEFAULT_TRANSITIONS_SORT_TYPE,
+			'value'               => DBObject::DEFAULT_TRANSITIONS_SORT_TYPE,
+			'source_of_value'     => '',
+			'show_in_conf_sample' => true,
+		],
 		'url_validation_pattern' => [
 			'type'                => 'string',
 			'description'         => 'Regular expression to validate/detect the format of an URL (URL attributes and Wiki formatting for Text attributes)',
@@ -1029,6 +1069,14 @@ class Config
 			'source_of_value' => '',
 			'show_in_conf_sample' => false,
 		],
+		'log_kpi_generate_legacy_report' => [
+			'type' => 'bool',
+			'description' => 'Generate the legacy KPI report (kpi.html)',
+			'default' => true,
+			'value' => '',
+			'source_of_value' => '',
+			'show_in_conf_sample' => false,
+		],
 		'max_linkset_output' => [
 			'type' => 'integer',
 			'description' => 'Maximum number of items shown when getting a list of related items in an email, using the form $this->some_list$. 0 means no limit.',
@@ -1145,6 +1193,30 @@ class Config
 			'source_of_value' => '',
 			'show_in_conf_sample' => false,
 		],
+		'sessions_tracking.enabled' => [
+			'type' => 'bool',
+			'description' => 'Whether or not the whole mechanism to track active sessions is enabled. See PHP session.gc_maxlifetime setting to configure session expiration.',
+			'default' => false,
+			'value' => '',
+			'source_of_value' => '',
+			'show_in_conf_sample' => false,
+		],
+		'sessions_tracking.gc_threshold' => [
+			'type' => 'integer',
+			'description'         => 'fallback in case cron is not active: probability in percent that session files are cleanup during any itop request (100 means always)',
+			'default'             => 1,
+			'value' => '',
+			'source_of_value' => '',
+			'show_in_conf_sample' => false,
+		],
+		'sessions_tracking.gc_duration_in_seconds' => [
+			'type' => 'integer',
+			'description' => 'fallback in case cron is not active: when a cleanup is triggered cleanup duration will not exceed this duration (in seconds).',
+			'default' => 1,
+			'value' => '',
+			'source_of_value' => '',
+			'show_in_conf_sample' => false,
+		],
 		'transaction_storage' => [
 			'type' => 'string',
 			'description' => 'The type of mechanism to use for storing the unique identifiers for transactions (Session|File).',
@@ -1305,6 +1377,14 @@ class Config
 			'source_of_value' => '',
 			'show_in_conf_sample' => false,
 		],
+		'navigation_menu.sorted_popup_user_menu_items' => [
+			'type' => 'array',
+			'description' => 'Sort user menu items after setup on page load',
+			'default' => [],
+			'value' => false,
+			'source_of_value' => '',
+			'show_in_conf_sample' => false,
+		],
 		'quick_create.enabled' => [
 			'type' => 'bool',
 			'description' => 'Whether or not the quick create is enabled',
@@ -1587,6 +1667,14 @@ class Config
 			'source_of_value'     => '',
 			'show_in_conf_sample' => false,
 		],
+		'security.single_profile_completion' => [
+			'type'                => 'array',
+			'description'         => 'Non standalone profiles can be completed by other profiles via this configuration. default configuration is equivalent to [\'Portal power user\' => \'Portal user\'] configuration. unless you have specific portal customization.',
+			'default'             => null,
+			'value'               => false,
+			'source_of_value'     => '',
+			'show_in_conf_sample' => false,
+		],
 		'behind_reverse_proxy' => [
 			'type' => 'bool',
 			'description' => 'If true, then proxies custom header (X-Forwarded-*) are taken into account. Use only if the webserver is not publicly accessible (reachable only by the reverse proxy)',
@@ -1630,8 +1718,8 @@ class Config
 		'audit.enable_selection_landing_page' => [
 			'type'                => 'bool',
 			'description'         => 'If true audit categories must be selected before results are computed (use this setting in case of a lot of audit categories)',
-			'default'             => false,
-			'value'               => false,
+			'default'             => true,
+			'value'               => true,
 			'source_of_value'     => '',
 			'show_in_conf_sample' => false,
 		],

core/contexttag.class.inc.php

@@ -3,7 +3,7 @@
 //
 //   This file is part of iTop.
 //
-//   iTop is free software; you can redistribute it and/or modify	
+//   iTop is free software; you can redistribute it and/or modify
 //   it under the terms of the GNU Affero General Public License as published by
 //   the Free Software Foundation, either version 3 of the License, or
 //   (at your option) any later version.
@@ -58,6 +58,16 @@ class ContextTag
 	public const TAG_SETUP   = 'Setup';
 	public const TAG_SYNCHRO = 'Synchro';
 	public const TAG_REST    = 'REST/JSON';
+
+	/**
+	 * @since 3.1.0 N°6047
+	 */
+	public const TAG_IMPORT    = 'Import';
+		/**
+	 * @since 3.1.0 N°6047
+	 */
+	public const TAG_EXPORT    = 'Export';
+
 	/**
 	 * @var string
 	 * @since 3.1.0 N°3200
@@ -75,7 +85,7 @@ class ContextTag
 	{
 		static::$aStack[] = $sTag;
 	}
-	
+
 	public static function AddContext($sTag)
 	{
 		static::$aStack[] = $sTag;

core/coreexception.class.inc.php

@@ -1,8 +1,11 @@
 <?php
 /**
- * This file is only here for compatibility issues. Will be removed in iTop 3.1.0 (N°3664)
+ * This file is only here for compatibility reasons.
+ * It will be removed in future iTop versions (N°6533)
  *
  * @deprecated 3.0.0 N°3663 Exception classes were moved to `/application/exceptions`, use autoloader instead of require !
  */
-require_once '../approot.inc.php';
-DeprecatedCallsLog::NotifyDeprecatedFile('Classes were moved to /application/exceptions');
+
+require_once __DIR__ . '/../approot.inc.php';
+
+DeprecatedCallsLog::NotifyDeprecatedFile('Classes were moved to /application/exceptions and can be used directly with the autoloader');

core/counter.class.inc.php

@@ -188,8 +188,8 @@ final class ItopCounter
 
 		if (!$hDBLink)
 		{
-			throw new Exception("Could not connect to the DB server (host=$sDBHost, user=$sDBUser): ".mysqli_connect_error().' (mysql errno: '.mysqli_connect_errno().')');
-		}
+            throw new MySQLException('Could not connect to the DB server '.mysqli_connect_error().' (mysql errno: '.mysqli_connect_errno(), array('host' => $sDBHost, 'user' => $sDBUser));
+        }
 
 		return $hDBLink;
 	}

core/csvbulkexport.class.inc.php

@@ -137,7 +137,7 @@ class CSVBulkExport extends TabularBulkExport
 				$aSep['other'] = Dict::S('UI:CSVImport:SeparatorOther').' <input type="text" size="3" name="other-separator" value="'.utils::EscapeHtml($sOtherSeparator).'"/>';
 
 				foreach ($aSep as $sVal => $sLabel) {
-					$oRadio = InputUIBlockFactory::MakeForInputWithLabel($sLabel, "separator", utils::EscapeHtml($sVal), $sLabel, "radio");
+					$oRadio = InputUIBlockFactory::MakeForInputWithLabel($sLabel, "separator", $sVal, $sLabel, "radio");
 					$oRadio->GetInput()->SetIsChecked(($sVal == $sRawSeparator));
 					$oRadio->SetBeforeInput(false);
 					$oRadio->GetInput()->AddCSSClass('ibo-input--label-right');
@@ -163,8 +163,8 @@ class CSVBulkExport extends TabularBulkExport
 				$aQualifiers['other'] = Dict::S('UI:CSVImport:QualifierOther').' <input type="text" size="3" name="other-text-qualifier" value="'.utils::EscapeHtml($sOtherQualifier).'"/>';
 
 				foreach ($aQualifiers as $sVal => $sLabel) {
-					$oRadio = InputUIBlockFactory::MakeForInputWithLabel($sLabel, "text-qualifier", utils::EscapeHtml($sVal), $sLabel, "radio");
-					$oRadio->GetInput()->SetIsChecked(($sVal == $sRawSeparator));
+					$oRadio = InputUIBlockFactory::MakeForInputWithLabel($sLabel, "text-qualifier", $sVal, $sLabel, "radio");
+					$oRadio->GetInput()->SetIsChecked(($sVal == $sRawQualifier));
 					$oRadio->SetBeforeInput(false);
 					$oRadio->GetInput()->AddCSSClass('ibo-input--label-right');
 					$oRadio->GetInput()->AddCSSClass('ibo-input-checkbox');

core/datamodel.core.xml

@@ -58,6 +58,7 @@
         <parent>cmdbAbstractObject</parent>
         <properties>
           <category>addon/userrights,grant_by_profile</category>
+          <is_link>1</is_link>
         </properties>
         <fields>
           <field id="userid" xsi:type="AttributeExternalKey">
@@ -218,6 +219,19 @@
           <field id="friendlyname" xsi:type="AttributeFriendlyName"/>
         </fields>
       </class>
+      <class id="AuditDomain" _delta="define">
+        <parent>cmdbAbstractObject</parent>
+        <properties>
+          <category>application, grant_by_profile</category>
+        </properties>
+        <fields>
+          <field id="name" xsi:type="AttributeString"/>
+          <field id="description" xsi:type="AttributeString"/>
+          <field id="icon" xsi:type="AttributeImage"/>
+          <field id="categories_list" xsi:type="AttributeLinkedSet"/>
+          <field id="friendlyname" xsi:type="AttributeFriendlyName"/>
+        </fields>
+      </class>
       <class id="Query" _delta="define">
         <!-- Generated by toolkit/export-class-to-meta.php -->
         <parent>cmdbAbstractObject</parent>
@@ -482,6 +496,18 @@
           <type>boolean</type>
           <default>true</default>
         </property>
+        <property id="with_php_constraint">
+          <php_param>with_php_constraint</php_param>
+          <mandatory>false</mandatory>
+          <type>boolean</type>
+          <default>false</default>
+        </property>
+        <property id="create_temporary_object">
+          <php_param>create_temporary_object</php_param>
+          <mandatory>false</mandatory>
+          <type>boolean</type>
+          <default>false</default>
+        </property>
         <property id="on_target_delete">
           <php_param>on_target_delete</php_param>
           <mandatory>false</mandatory>

core/dbobjectset.class.php

@@ -767,7 +767,10 @@ class DBObjectSet implements iDBObjectSetIterator
 
 		try
 		{
+            $oKPI = new ExecutionKPI();
 			$this->m_oSQLResult = CMDBSource::Query($sSQL);
+            $sOQL = $this->GetPseudoOQL($this->m_oFilter, $this->GetRealSortOrder(), $this->m_iLimitCount, $this->m_iLimitStart, false);
+            $oKPI->ComputeStats('OQL Query Exec', $sOQL);
 		} catch (MySQLException $e)
 		{
 			// 1116 = ER_TOO_MANY_TABLES
@@ -847,8 +850,11 @@ class DBObjectSet implements iDBObjectSetIterator
 	{
 		if (is_null($this->m_iNumTotalDBRows))
 		{
+            $oKPI = new ExecutionKPI();
 			$sSQL = $this->m_oFilter->MakeSelectQuery(array(), $this->m_aArgs, null, null, 0, 0, true);
 			$resQuery = CMDBSource::Query($sSQL);
+            $sOQL = $this->GetPseudoOQL($this->m_oFilter, array(), 0, 0, true);
+            $oKPI->ComputeStats('OQL Query Exec', $sOQL);
 			if (!$resQuery) return 0;
 
 			$aRow = CMDBSource::FetchArray($resQuery);
@@ -859,6 +865,42 @@ class DBObjectSet implements iDBObjectSetIterator
 		return $this->m_iNumTotalDBRows + count($this->m_aAddedObjects); // Does it fix Trac #887 ??
 	}
 
+    /**
+     * @param \DBSearch $oFilter
+     * @param array $aOrder
+     * @param int $iLimitCount
+     * @param int $iLimitStart
+     * @param bool $bCount
+     *
+     * @return string
+     */
+    private function GetPseudoOQL($oFilter, $aOrder, $iLimitCount, $iLimitStart, $bCount)
+    {
+        $sOQL = '';
+        if ($bCount) {
+            $sOQL .= 'COUNT ';
+        }
+        $sOQL .= $oFilter->ToOQL();
+
+        if ($iLimitCount > 0) {
+            $sOQL .= ' LIMIT ';
+            if ($iLimitStart > 0) {
+                $sOQL .= "$iLimitStart, ";
+            }
+            $sOQL .= "$iLimitCount";
+        }
+
+        if (count($aOrder) > 0) {
+            $sOQL .= ' ORDER BY ';
+            $aOrderBy = [];
+            foreach ($aOrder as $sAttCode => $bAsc) {
+                $aOrderBy[] = $sAttCode.' '.($bAsc ? 'ASC' : 'DESC');
+            }
+            $sOQL .= implode(', ', $aOrderBy);
+        }
+        return $sOQL;
+    }
+
 	/**
 	 * Check if the count exceeds a given limit
 	 *
@@ -875,8 +917,11 @@ class DBObjectSet implements iDBObjectSetIterator
 	{
 		if (is_null($this->m_iNumTotalDBRows))
 		{
+            $oKPI = new ExecutionKPI();
 			$sSQL = $this->m_oFilter->MakeSelectQuery(array(), $this->m_aArgs, null, null, $iLimit + 2, 0, true);
 			$resQuery = CMDBSource::Query($sSQL);
+            $sOQL = $this->GetPseudoOQL($this->m_oFilter, array(), $iLimit + 2, 0, true);
+            $oKPI->ComputeStats('OQL Query Exec', $sOQL);
 			if ($resQuery)
 			{
 				$aRow = CMDBSource::FetchArray($resQuery);
@@ -887,7 +932,7 @@ class DBObjectSet implements iDBObjectSetIterator
 			{
 				$iCount = 0;
 			}
-		}
+        }
 		else
 		{
 			$iCount = $this->m_iNumTotalDBRows;
@@ -912,8 +957,11 @@ class DBObjectSet implements iDBObjectSetIterator
 	{
 		if (is_null($this->m_iNumTotalDBRows))
 		{
+            $oKPI = new ExecutionKPI();
 			$sSQL = $this->m_oFilter->MakeSelectQuery(array(), $this->m_aArgs, null, null, $iLimit + 2, 0, true);
 			$resQuery = CMDBSource::Query($sSQL);
+            $sOQL = $this->GetPseudoOQL($this->m_oFilter, array(), $iLimit + 2, 0, true);
+            $oKPI->ComputeStats('OQL Query Exec', $sOQL);
 			if ($resQuery)
 			{
 				$aRow = CMDBSource::FetchArray($resQuery);
@@ -924,7 +972,7 @@ class DBObjectSet implements iDBObjectSetIterator
 			{
 				$iCount = 0;
 			}
-		}
+        }
 		else
 		{
 			$iCount = $this->m_iNumTotalDBRows;

core/dict.class.inc.php

@@ -3,7 +3,7 @@
 //
 //   This file is part of iTop.
 //
-//   iTop is free software; you can redistribute it and/or modify	
+//   iTop is free software; you can redistribute it and/or modify
 //   it under the terms of the GNU Affero General Public License as published by
 //   the Free Software Foundation, either version 3 of the License, or
 //   (at your option) any later version.
@@ -56,10 +56,11 @@ class Dict
 	 * @param $sLanguageCode
 	 *
 	 * @throws \DictExceptionUnknownLanguage
+	 * @since 3.0.4 3.1.1 3.2.0 Param $sLanguageCode becomes nullable
 	 */
-	public static function SetUserLanguage($sLanguageCode)
+	public static function SetUserLanguage($sLanguageCode = null)
 	{
-		if (!array_key_exists($sLanguageCode, self::$m_aLanguages))
+		if (!is_null($sLanguageCode) && !array_key_exists($sLanguageCode, self::$m_aLanguages))
 		{
 			throw new DictExceptionUnknownLanguage($sLanguageCode);
 		}
@@ -106,42 +107,59 @@ class Dict
 	}
 
 	/**
-	 * Returns a localised string from the dictonary
+	 * Returns a localised string from the dictionary
 	 *
 	 * @param string $sStringCode The code identifying the dictionary entry
-	 * @param string $sDefault Default value if there is no match in the dictionary
+	 * @param string $sDefault Default value if there is no match in the dictionary, if no default provided, returns $sStringCode unchanged
 	 * @param bool $bUserLanguageOnly False to allow the use of the default language as a fallback, true otherwise
 	 *
 	 * @return string
 	 */
 	public static function S($sStringCode, $sDefault = null, $bUserLanguageOnly = false)
+	{
+		$aInfo = self::GetLabelAndLangCode($sStringCode, $sDefault, $bUserLanguageOnly);
+		return $aInfo['label'];
+	}
+
+	/**
+	 * Returns a localised string from the dictonary with its associated lang code
+	 *
+	 * @param string $sStringCode The code identifying the dictionary entry
+	 * @param string $sDefault Default value if there is no match in the dictionary
+	 * @param bool $bUserLanguageOnly True to allow the use of the default language as a fallback, false otherwise
+	 *
+	 * @return array{
+	 *     lang: string, label: string
+	 * } with localized label string and used lang code
+	 */
+	private static function GetLabelAndLangCode($sStringCode, $sDefault = null, $bUserLanguageOnly = false)
 	{
 		// Attempt to find the string in the user language
 		//
 		$sLangCode = self::GetUserLanguage();
 		self::InitLangIfNeeded($sLangCode);
 
-		if (!array_key_exists($sLangCode, self::$m_aData))
+		if (! array_key_exists($sLangCode, self::$m_aData))
 		{
-			IssueLog::Warning("Cannot find $sLangCode in dictionnaries. default labels displayed");
+			IssueLog::Warning("Cannot find $sLangCode in all registered dictionaries.");
 			// It may happen, when something happens before the dictionaries get loaded
-			return $sStringCode;
+			return [ 'label' => $sStringCode, 'lang' => $sLangCode ];
 		}
 		$aCurrentDictionary = self::$m_aData[$sLangCode];
 		if (is_array($aCurrentDictionary) && array_key_exists($sStringCode, $aCurrentDictionary))
 		{
-			return $aCurrentDictionary[$sStringCode];
+			return [ 'label' => $aCurrentDictionary[$sStringCode], 'lang' => $sLangCode ];
 		}
 		if (!$bUserLanguageOnly)
 		{
 			// Attempt to find the string in the default language
 			//
 			self::InitLangIfNeeded(self::$m_sDefaultLanguage);
-			
+
 			$aDefaultDictionary = self::$m_aData[self::$m_sDefaultLanguage];
 			if (is_array($aDefaultDictionary) && array_key_exists($sStringCode, $aDefaultDictionary))
 			{
-				return $aDefaultDictionary[$sStringCode];
+				return [ 'label' => $aDefaultDictionary[$sStringCode], 'lang' => self::$m_sDefaultLanguage ];
 			}
 			// Attempt to find the string in english
 			//
@@ -150,17 +168,17 @@ class Dict
 			$aDefaultDictionary = self::$m_aData['EN US'];
 			if (is_array($aDefaultDictionary) && array_key_exists($sStringCode, $aDefaultDictionary))
 			{
-				return $aDefaultDictionary[$sStringCode];
+				return [ 'label' => $aDefaultDictionary[$sStringCode], 'lang' => 'EN US' ];
 			}
 		}
 		// Could not find the string...
 		//
 		if (is_null($sDefault))
 		{
-			return $sStringCode;
+			return [ 'label' => $sStringCode, 'lang' => null ];
 		}
 
-		return $sDefault;
+		return [ 'label' => $sDefault, 'lang' => null ];
 	}
 
 
@@ -176,19 +194,25 @@ class Dict
 	 */
 	public static function Format($sFormatCode /*, ... arguments ... */)
 	{
-		$sLocalizedFormat = self::S($sFormatCode);
+		['label' => $sLocalizedFormat, 'lang' => $sLangCode] = self::GetLabelAndLangCode($sFormatCode);
+
 		$aArguments = func_get_args();
 		array_shift($aArguments);
-		
+
 		if ($sLocalizedFormat == $sFormatCode)
 		{
 			// Make sure the information will be displayed (ex: an error occuring before the dictionary gets loaded)
 			return $sFormatCode.' - '.implode(', ', $aArguments);
 		}
 
-		return vsprintf($sLocalizedFormat, $aArguments);
+		try{
+			return vsprintf($sLocalizedFormat, $aArguments);
+		} catch(\Throwable $e){
+			\IssueLog::Error("Cannot format dict key", null, ["sFormatCode" => $sFormatCode, "sLangCode" => $sLangCode, 'exception_msg' => $e->getMessage() ]);
+			return $sFormatCode.' - '.implode(', ', $aArguments);
+		}
 	}
-	
+
 	/**
 	 * Initialize a the entries for a given language (replaces the former Add() method)
 	 * @param string $sLanguageCode Code identifying the language i.e. 'FR-FR', 'EN-US'
@@ -198,7 +222,7 @@ class Dict
 	{
 		self::$m_aData[$sLanguageCode] = $aEntries;
 	}
-	
+
 	/**
 	 * Set the list of available languages
 	 * @param hash $aLanguagesList
@@ -259,7 +283,7 @@ class Dict
 		{
 			$sDictFile = APPROOT.'env-'.utils::GetCurrentEnvironment().'/dictionaries/'.str_replace(' ', '-', strtolower($sLangCode)).'.dict.php';
 			require_once($sDictFile);
-			
+
 			if (self::GetApcService()->function_exists('apc_store')
 				&& (self::$m_sApplicationPrefix !== null))
 			{
@@ -269,7 +293,7 @@ class Dict
 		}
 		return $bResult;
 	}
-	
+
 	/**
 	 * Enable caching (cached using APC)
 	 * @param string $sApplicationPrefix The prefix for uniquely identiying this iTop instance
@@ -312,14 +336,14 @@ class Dict
 			}
 		}
 	}
-	
+
 	public static function MakeStats($sLanguageCode, $sLanguageRef = 'EN US')
 	{
 		$aMissing = array(); // Strings missing for the target language
 		$aUnexpected = array(); // Strings defined for the target language, but not found in the reference dictionary
 		$aNotTranslated = array(); // Strings having the same value in both dictionaries
 		$aOK = array(); // Strings having different values in both dictionaries
-	
+
 		foreach (self::$m_aData[$sLanguageRef] as $sStringCode => $sValue)
 		{
 			if (!array_key_exists($sStringCode, self::$m_aData[$sLanguageCode]))
@@ -327,7 +351,7 @@ class Dict
 				$aMissing[$sStringCode] = $sValue;
 			}
 		}
-	
+
 		foreach (self::$m_aData[$sLanguageCode] as $sStringCode => $sValue)
 		{
 			if (!array_key_exists($sStringCode, self::$m_aData[$sLanguageRef]))
@@ -350,7 +374,7 @@ class Dict
 		}
 		return array($aMissing, $aUnexpected, $aNotTranslated, $aOK);
 	}
-	
+
 	public static function Dump()
 	{
 		MyHelpers::var_dump_html(self::$m_aData);
@@ -373,7 +397,7 @@ class Dict
 		// No need to actually load the strings since it's only used to know the list of languages
 		// at setup time !!
 	}
-	
+
 	/**
 	 * Export all the dictionary entries - of the given language - whose code matches the given prefix
 	 * missing entries in the current language will be replaced by entries in the default language
@@ -386,7 +410,7 @@ class Dict
 		self::InitLangIfNeeded(self::$m_sDefaultLanguage);
 		$aEntries = array();
 		$iLength = strlen($sStartingWith);
-		
+
 		// First prefill the array with entries from the default language
 		foreach(self::$m_aData[self::$m_sDefaultLanguage] as $sCode => $sEntry)
 		{
@@ -395,7 +419,7 @@ class Dict
 				$aEntries[$sCode] = $sEntry;
 			}
 		}
-		
+
 		// Now put (overwrite) the entries for the user language
 		foreach(self::$m_aData[self::GetUserLanguage()] as $sCode => $sEntry)
 		{

core/expressioncache.class.inc.php

@@ -101,7 +101,7 @@ EOF;
 EOF;
 
 				SetupUtils::builddir(dirname($sFilePath));
-				file_put_contents($sFilePath, $content);
+				file_put_contents($sFilePath, $content, LOCK_EX);
 			}
 		}
 		Dict::SetUserLanguage($sUserLang);

core/kpi.class.inc.php

@@ -1,27 +1,14 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
-//
-//   This file is part of iTop.
-//
-//   iTop is free software; you can redistribute it and/or modify	
-//   it under the terms of the GNU Affero General Public License as published by
-//   the Free Software Foundation, either version 3 of the License, or
-//   (at your option) any later version.
-//
-//   iTop is distributed in the hope that it will be useful,
-//   but WITHOUT ANY WARRANTY; without even the implied warranty of
-//   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-//   GNU Affero General Public License for more details.
-//
-//   You should have received a copy of the GNU Affero General Public License
-//   along with iTop. If not, see <http://www.gnu.org/licenses/>
+/**
+ * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+use Combodo\iTop\Core\Kpi\KpiLogData;
+use Combodo\iTop\Service\Module\ModuleService;
 
 
 /**
  * Measures operations duration, memory usage, etc. (and some other KPIs)
- *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
- * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
 class ExecutionKPI
@@ -30,6 +17,8 @@ class ExecutionKPI
 	static protected $m_bEnabled_Memory = false;
 	static protected $m_bBlameCaller = false;
 	static protected $m_sAllowedUser = '*';
+    static protected $m_bGenerateLegacyReport = true;
+    static protected $m_fSlowQueries = 0;
 
 	static protected $m_aStats = []; // Recurrent operations
 	static protected $m_aExecData = []; // One shot operations
@@ -86,14 +75,39 @@ class ExecutionKPI
 		return false;
 	}
 
+    static public function SetGenerateLegacyReport($bReportExtensionsOnly)
+    {
+        self::$m_bGenerateLegacyReport = $bReportExtensionsOnly;
+    }
+
+    static public function SetSlowQueries($fSlowQueries)
+    {
+        self::$m_fSlowQueries = $fSlowQueries;
+    }
+
 	static public function GetDescription()
 	{
 		$aFeatures = array();
 		if (self::$m_bEnabled_Duration) $aFeatures[] = 'Duration'; 
 		if (self::$m_bEnabled_Memory)   $aFeatures[] = 'Memory usage';
-		$sFeatures = implode(', ', $aFeatures);
+		$sFeatures = 'Measures: '.implode(', ', $aFeatures);
 		$sFor = self::$m_sAllowedUser == '*' ? 'EVERYBODY' : "'".trim(self::$m_sAllowedUser)."'";
-		return "KPI logging is active for $sFor. Measures: $sFeatures";
+        $sSlowQueries = '';
+        if (self::$m_fSlowQueries > 0) {
+            $sSlowQueries = ". Slow Queries: ".self::$m_fSlowQueries."s";
+        }
+
+        $aExtensions = [];
+        /** @var \iKPILoggerExtension $oExtensionInstance */
+        foreach (MetaModel::EnumPlugins('iKPILoggerExtension') as $oExtensionInstance) {
+            $aExtensions[] = ModuleService::GetInstance()->GetModuleNameFromObject($oExtensionInstance);
+        }
+        $sExtensions = '';
+        if (count($aExtensions) > 0) {
+            $sExtensions = '. KPI Extensions: ['.implode(', ', $aExtensions).']';
+        }
+
+        return "KPI logging is active for $sFor. $sFeatures$sSlowQueries$sExtensions";
 	}
 
 	static public function ReportStats()
@@ -101,7 +115,28 @@ class ExecutionKPI
 		if (!self::IsEnabled()) return;
 
 		global $fItopStarted;
+        global $iItopInitialMemory;
 		$sExecId = microtime(); // id to differentiate the hrefs!
+        $sRequest = $_SERVER['REQUEST_URI'].' ('.$_SERVER['REQUEST_METHOD'].')';
+        if (isset($_POST['operation'])) {
+            $sRequest .= ' operation: '.$_POST['operation'];
+        }
+
+        $fStop = MyHelpers::getmicrotime();
+        if (($fStop - $fItopStarted) > self::$m_fSlowQueries) {
+            // Invoke extensions to log the KPI operation
+            /** @var \iKPILoggerExtension $oExtensionInstance */
+            $iCurrentMemory = self::memory_get_usage();
+            $iPeakMemory = self::memory_get_peak_usage();
+            foreach (MetaModel::EnumPlugins('iKPILoggerExtension') as $oExtensionInstance) {
+                $oKPILogData = new KpiLogData(KpiLogData::TYPE_REQUEST, 'Page', $sRequest, $fItopStarted, $fStop, '', $iItopInitialMemory, $iCurrentMemory, $iPeakMemory);
+                $oExtensionInstance->LogOperation($oKPILogData);
+            }
+        }
+
+        if (!self::$m_bGenerateLegacyReport) {
+            return;
+        }
 
 		$aBeginTimes = array();
 		foreach (self::$m_aExecData as $aOpStats)
@@ -114,9 +149,9 @@ class ExecutionKPI
 
 		$sHtml = "<hr/>";
 		$sHtml .= "<div style=\"background-color: grey; padding: 10px;\">";
-		$sHtml .= "<h3><a name=\"".md5($sExecId)."\">KPIs</a> - ".$_SERVER['REQUEST_URI']." (".$_SERVER['REQUEST_METHOD'].")</h3>";
+        $sHtml .= "<h3><a name=\"".md5($sExecId)."\">KPIs</a> - $sRequest</h3>";
 		$oStarted = DateTime::createFromFormat('U.u', $fItopStarted);
-		$sHtml .= "<p>".$oStarted->format('Y-m-d H:i:s.u')."</p>";
+		$sHtml .= '<p>'.$oStarted->format('Y-m-d H:i:s.u').'</p>';
 		$sHtml .= "<p>log_kpi_user_id: ".UserRights::GetUserId()."</p>";
 		$sHtml .= "<div>";
 		$sHtml .= "<table border=\"1\" style=\"$sTableStyle\">";
@@ -257,7 +292,7 @@ class ExecutionKPI
 				$sTotalInter = round($fTotalInter, 3);
 				$sMinInter = round($fMinInter, 3);
 				$sMaxInter = round($fMaxInter, 3);
-				if (($fTotalInter >= $fSlowQueries))
+				if (($fTotalInter >= self::$m_fSlowQueries))
 				{
 					if ($bDisplayHeader)
 					{
@@ -285,37 +320,19 @@ class ExecutionKPI
 		self::Report($sHtml);
 	}
 
+    public static function InitStats()
+    {
+        // Invoke extensions to initialize the KPI statistics
+        /** @var \iKPILoggerExtension $oExtensionInstance */
+        foreach (MetaModel::EnumPlugins('iKPILoggerExtension') as $oExtensionInstance) {
+            $oExtensionInstance->InitStats();
+        }
+    }
 
 	public function __construct()
 	{
 		$this->ResetCounters();
-		self::Push($this);
-	}
-
-	/**
-	 * Stack executions to remove children duration from stats
-	 *
-	 * @param \ExecutionKPI $oExecutionKPI
-	 */
-	private static function Push(ExecutionKPI $oExecutionKPI)
-	{
-		self::$m_aExecutionStack[] = $oExecutionKPI;
-	}
-
-	/**
-	 * Pop current child and count its duration in its parent
-	 *
-	 * @param float|int $fChildDuration
-	 */
-	private static function Pop(float $fChildDuration = 0)
-	{
-		array_pop(self::$m_aExecutionStack);
-		// Update the parent's children duration
-		$oPrevExecutionKPI = end(self::$m_aExecutionStack);
-		if ($oPrevExecutionKPI) {
-			$oPrevExecutionKPI->m_fChildrenDuration += $fChildDuration;
-		}
-	}
+    }
 
 	// Get the duration since startup, and reset the counter for the next measure
 	//
@@ -323,9 +340,15 @@ class ExecutionKPI
 	{
 		global $fItopStarted;
 
+        if (!self::IsEnabled()) {
+            return;
+        }
+
 		$aNewEntry = null;
 
-		if (self::$m_bEnabled_Duration) {
+        $fStarted = $this->m_fStarted;
+        $fStopped = $this->m_fStarted;
+		if (self::$m_bEnabled_Duration)	{
 			$fStopped = MyHelpers::getmicrotime();
 			$aNewEntry = array(
 				'op'         => $sOperationDesc,
@@ -336,6 +359,9 @@ class ExecutionKPI
 			$this->m_fStarted = $fStopped;
 		}
 
+        $iInitialMemory = is_null($this->m_iInitialMemory) ? 0 : $this->m_iInitialMemory;
+        $iCurrentMemory = 0;
+        $iPeakMemory = 0;
 		if (self::$m_bEnabled_Memory)
 		{
 			$iCurrentMemory = self::memory_get_usage();
@@ -345,40 +371,103 @@ class ExecutionKPI
 			}
 			$aNewEntry['mem_begin'] = $this->m_iInitialMemory;
 			$aNewEntry['mem_end'] = $iCurrentMemory;
-			if (function_exists('memory_get_peak_usage'))
-			{
-				$aNewEntry['mem_peak'] = memory_get_peak_usage();
-			}
+            $iPeakMemory = self::memory_get_peak_usage();
+            $aNewEntry['mem_peak'] = $iPeakMemory;
 			// Reset for the next operation (if the object is recycled)
 			$this->m_iInitialMemory = $iCurrentMemory;
 		}
 
-		if (!is_null($aNewEntry))
+        if (self::$m_bEnabled_Duration || self::$m_bEnabled_Memory) {
+            // Invoke extensions to log the KPI operation
+            /** @var \iKPILoggerExtension $oExtensionInstance */
+            foreach(MetaModel::EnumPlugins('iKPILoggerExtension') as $oExtensionInstance)
+            {
+                $sExtension = ModuleService::GetInstance()->GetModuleNameFromCallStack(1);
+                $oKPILogData = new KpiLogData(
+                        KpiLogData::TYPE_REPORT,
+                        'Step',
+                        $sOperationDesc,
+                        $fStarted,
+                        $fStopped,
+                        $sExtension,
+                        $iInitialMemory,
+                        $iCurrentMemory,
+                        $iPeakMemory);
+                $oExtensionInstance->LogOperation($oKPILogData);
+            }
+        }
+
+		if (!is_null($aNewEntry) && self::$m_bGenerateLegacyReport)
 		{
 			self::$m_aExecData[] = $aNewEntry;
 		}
 		$this->ResetCounters();
 	}
 
+    public function ComputeStatsForExtension($object, $sMethod)
+    {
+        if (!self::IsEnabled()) {
+            return;
+        }
+
+        $sSignature = ModuleService::GetInstance()->GetModuleMethodSignature($object, $sMethod);
+        if (utils::StartsWith($sSignature, '[')) {
+            $this->ComputeStats('Extension', $sSignature);
+        }
+    }
+
 	public function ComputeStats($sOperation, $sArguments)
 	{
+		if (!self::IsEnabled()) {
+			return;
+		}
+
 		$fDuration = 0;
 		if (self::$m_bEnabled_Duration) {
 			$fStopped = MyHelpers::getmicrotime();
 			$fDuration = $fStopped - $this->m_fStarted;
-			$fSelfDuration = $fDuration - $this->m_fChildrenDuration;
-			if (self::$m_bBlameCaller) {
-				self::$m_aStats[$sOperation][$sArguments][] = array(
-					'time'    => $fSelfDuration,
-					'callers' => MyHelpers::get_callstack(1),
-				);
-			} else {
-				self::$m_aStats[$sOperation][$sArguments][] = array(
-					'time' => $fSelfDuration,
-				);
-			}
-		}
-		self::Pop($fDuration);
+            $aCallstack = [];
+            if (self::$m_bGenerateLegacyReport) {
+                if (self::$m_bBlameCaller) {
+                    $aCallstack = MyHelpers::get_callstack(1);
+                    self::$m_aStats[$sOperation][$sArguments][] = [
+                            'time' => $fDuration,
+                            'callers' => $aCallstack,
+                    ];
+                } else {
+                    self::$m_aStats[$sOperation][$sArguments][] = [
+                            'time' => $fDuration
+                    ];
+                }
+            }
+
+            $iInitialMemory = is_null($this->m_iInitialMemory) ? 0 : $this->m_iInitialMemory;
+            $iCurrentMemory = 0;
+            $iPeakMemory = 0;
+            if (self::$m_bEnabled_Memory)
+            {
+                $iCurrentMemory = self::memory_get_usage();
+                $iPeakMemory = self::memory_get_peak_usage();
+            }
+
+            // Invoke extensions to log the KPI operation
+            /** @var \iKPILoggerExtension $oExtensionInstance */
+            foreach (MetaModel::EnumPlugins('iKPILoggerExtension') as $oExtensionInstance) {
+                $sExtension = ModuleService::GetInstance()->GetModuleNameFromCallStack(1);
+                $oKPILogData = new KpiLogData(
+                        KpiLogData::TYPE_STATS,
+                        $sOperation,
+                        $sArguments,
+                        $this->m_fStarted,
+                        $fStopped,
+                        $sExtension,
+                        $iInitialMemory,
+                        $iCurrentMemory,
+                        $iPeakMemory,
+                        $aCallstack);
+                $oExtensionInstance->LogOperation($oKPILogData);
+            }
+        }
 	}
 
 	protected function ResetCounters()
@@ -408,35 +497,7 @@ class ExecutionKPI
 
 	static protected function memory_get_usage()
 	{
-		if (function_exists('memory_get_usage'))
-		{
-			return memory_get_usage(true);
-		}
-
-		// Copied from the PHP manual
-		//
-		//If its Windows
-		//Tested on Win XP Pro SP2. Should work on Win 2003 Server too
-		//Doesn't work for 2000
-		//If you need it to work for 2000 look at http://us2.php.net/manual/en/function.memory-get-usage.php#54642
-		if (substr(PHP_OS,0,3) == 'WIN') 
-		{
-			$output = array();
-			exec('tasklist /FI "PID eq ' . getmypid() . '" /FO LIST', $output);
-
-			return preg_replace( '/[\D]/', '', $output[5] ) * 1024;
-		}
-		else
-		{
-			//We now assume the OS is UNIX
-			//Tested on Mac OS X 10.4.6 and Linux Red Hat Enterprise 4
-			//This should work on most UNIX systems
-			$pid = getmypid();
-			exec("ps -eo%mem,rss,pid | grep $pid", $output);
-			$output = explode("  ", $output[0]);
-			//rss is given in 1024 byte units
-			return $output[1] * 1024;
-		}
+        return memory_get_usage(true);
 	}
 
 	static public function memory_get_peak_usage($bRealUsage = false)

core/log.class.inc.php

@@ -3,7 +3,7 @@
 //
 //   This file is part of iTop.
 //
-//   iTop is free software; you can redistribute it and/or modify	
+//   iTop is free software; you can redistribute it and/or modify
 //   it under the terms of the GNU Affero General Public License as published by
 //   the Free Software Foundation, either version 3 of the License, or
 //   (at your option) any later version.
@@ -576,6 +576,11 @@ class LogChannels
 	public const DATATABLE = 'Datatable';
 
 	public const DEADLOCK = 'DeadLock';
+	/**
+	 * @var string Everything related to PHP sessions tracking
+	 * @since 3.1.1 3.2.0 N°6901
+	 */
+	public const SESSIONTRACKER = 'SessionTracker';
 
 	/**
 	 * @var string Everything related to the datamodel CRUD
@@ -583,6 +588,12 @@ class LogChannels
 	 */
 	public const DM_CRUD = 'DMCRUD';
 
+	/**
+	 * @var string Everything related to the datamodel CRUD
+	 * @since 3.1.0
+	 */
+	public const WEB_REQUEST = 'WebRequest';
+
 	/**
 	 * @var string Everything related to the event service
 	 * @since 3.1.0
@@ -606,6 +617,8 @@ class LogChannels
 
 	public const PORTAL       = 'portal';
 
+	public const TEMPORARY_OBJECTS = 'TemporaryObjects';
+
 	/**
 	 * @var string
 	 * @since 3.1.0
@@ -1130,7 +1143,7 @@ class DeprecatedCallsLog extends LogAPI
 		parent::Enable($sTargetFile);
 
 		if (
-			(false === defined(ITOP_PHPUNIT_RUNNING_CONSTANT_NAME))
+			(false === defined('ITOP_PHPUNIT_RUNNING_CONSTANT_NAME'))
 			&& static::IsLogLevelEnabledSafe(self::LEVEL_WARNING, self::ENUM_CHANNEL_PHP_LIBMETHOD)
 		) {
 			set_error_handler([static::class, 'DeprecatedNoticesErrorHandler'], E_DEPRECATED | E_USER_DEPRECATED);
@@ -1230,7 +1243,9 @@ class DeprecatedCallsLog extends LogAPI
 	}
 
 	/**
-	 * @throws \ConfigException
+	 * @since 3.0.1 3.1.0 N°4725 silently handles ConfigException
+	 * @since 3.0.4 3.1.0 N°4725 remove forgotten throw PHPDoc annotation
+	 *
 	 * @link https://www.php.net/debug_backtrace
 	 * @uses \debug_backtrace()
 	 */
@@ -1404,7 +1419,7 @@ class LogFileRotationProcess implements iScheduledProcess
 		$iMaxDays = MetaModel::GetConfig()->Get(LogAPI::ENUM_CONFIG_PARAM_PURGE_MAX_KEEP_DAYS);
 
 		// Files iterator (*.*)
-		$oIterator = new \GlobIterator(APPROOT.'log'.DIRECTORY_SEPARATOR.'/*.*');
+		$oIterator = new \GlobIterator(APPROOT.'log'.DIRECTORY_SEPARATOR.'*.*');
 		$aLogFiles = iterator_to_array($oIterator);
 
 		// Reference date
@@ -1416,6 +1431,11 @@ class LogFileRotationProcess implements iScheduledProcess
 			// File real path
 			$sFileRealPath = $oLogFile->getRealPath();
 
+			// Check file extension
+			if(!in_array($oLogFile->getExtension(), ['log','sql','xml'])){
+				continue;
+		    }
+
 			// Compute number of days since last modification
 			$oDateFileLastModification = new DateTime();
 			$oDateFileLastModification->setTimestamp($oLogFile->getMTime());

core/metamodel.class.php

@@ -1241,7 +1241,7 @@ abstract class MetaModel
 			}
 			$sTable = self::DBGetTable($sClass);
 
-			// Could be completed later with all the classes that are using a given table 
+			// Could be completed later with all the classes that are using a given table
 			if (!array_key_exists($sTable, $aTables)) {
 				$aTables[$sTable] = array();
 			}
@@ -2927,52 +2927,7 @@ abstract class MetaModel
 		}
 
 		self::$m_sTablePrefix = $sTablePrefix;
-
-		// Build the list of available extensions
-		//
-		$aInterfaces = [
-			'iApplicationUIExtension',
-			'iPreferencesExtension',
-			'iApplicationObjectExtension',
-			'iLoginFSMExtension',
-			'iLoginUIExtension',
-			'iLogoutExtension',
-			'iQueryModifier',
-			'iOnClassInitialization',
-			'iPopupMenuExtension',
-			'iPageUIExtension',
-			'iPageUIBlockExtension',
-			'iBackofficeLinkedScriptsExtension',
-			'iBackofficeEarlyScriptExtension',
-			'iBackofficeScriptExtension',
-			'iBackofficeInitScriptExtension',
-			'iBackofficeReadyScriptExtension',
-			'iBackofficeLinkedStylesheetsExtension',
-			'iBackofficeStyleExtension',
-			'iBackofficeDictEntriesExtension',
-			'iBackofficeDictEntriesPrefixesExtension',
-			'iPortalUIExtension',
-			'ModuleHandlerApiInterface',
-			'iNewsroomProvider',
-			'iModuleExtension',
-		];
-		foreach($aInterfaces as $sInterface)
-		{
-			self::$m_aExtensionClassNames[$sInterface] = array();
-		}
-
-		foreach(get_declared_classes() as $sPHPClass)
-		{
-			$oRefClass = new ReflectionClass($sPHPClass);
-			$oExtensionInstance = null;
-			foreach($aInterfaces as $sInterface)
-			{
-				if ($oRefClass->implementsInterface($sInterface) && $oRefClass->isInstantiable())
-				{
-					self::$m_aExtensionClassNames[$sInterface][$sPHPClass] = $sPHPClass;
-				}
-			}
-		}
+		self::InitExtensions();
 
 		// Initialize the classes (declared attributes, etc.)
 		//
@@ -3567,7 +3522,7 @@ abstract class MetaModel
 		}
 
 		// Set the "host class" as soon as possible, since HierarchicalKeys use it for their 'target class' as well
-		// and this needs to be know early (for Init_IsKnowClass 19 lines below)		
+		// and this needs to be know early (for Init_IsKnowClass 19 lines below)
 		$oAtt->SetHostClass($sTargetClass);
 
 		// Some attributes could refer to a class
@@ -3609,7 +3564,7 @@ abstract class MetaModel
 
 		self::$m_aAttribDefs[$sTargetClass][$oAtt->GetCode()] = $oAtt;
 		self::$m_aAttribOrigins[$sTargetClass][$oAtt->GetCode()] = $sTargetClass;
-		// Note: it looks redundant to put targetclass there, but a mix occurs when inheritance is used		
+		// Note: it looks redundant to put targetclass there, but a mix occurs when inheritance is used
 	}
 
 	/**
@@ -3621,8 +3576,7 @@ abstract class MetaModel
 	{
 		MyHelpers::CheckKeyInArray('list code', $sListCode, self::$m_aListInfos);
 
-		if (!$sTargetClass)
-		{
+		if (!$sTargetClass) {
 			$sTargetClass = self::GetCallersPHPClass("Init");
 		}
 
@@ -3810,7 +3764,7 @@ abstract class MetaModel
 		self::$m_aStimuli[$sTargetClass][$oStimulus->GetCode()] = $oStimulus;
 
 		// I wanted to simplify the syntax of the declaration of objects in the biz model
-		// Therefore, the reference to the host class is set there 
+		// Therefore, the reference to the host class is set there
 		$oStimulus->SetHostClass($sTargetClass);
 	}
 
@@ -4265,40 +4219,77 @@ abstract class MetaModel
 		}
 		else
 		{
-			$aCurrentUser = array();
-			$aCurrentContact = array();
+			$aCurrentUser = [];
+			$aCurrentContact = [];
 			foreach ($aExpectedArgs as $expression)
 			{
 				$aName = explode('->', $expression->GetName());
 				if ($aName[0] == 'current_contact_id') {
 					$aPlaceholders['current_contact_id'] = UserRights::GetContactId();
-				}
-				if ($aName[0] == 'current_user') {
+				} else if ($aName[0] == 'current_user') {
 					array_push($aCurrentUser, $aName[1]);
-				}
-				if ($aName[0] == 'current_contact') {
+				} else if ($aName[0] == 'current_contact') {
 					array_push($aCurrentContact, $aName[1]);
 				}
 			}
 			if (count($aCurrentUser) > 0) {
-				$oUser = UserRights::GetUserObject();
-				$aPlaceholders['current_user->object()'] = $oUser;
-				foreach ($aCurrentUser as $sField) {
-					$aPlaceholders['current_user->'.$sField] = $oUser->Get($sField);
-				}
+				static::FillObjectPlaceholders($aPlaceholders, 'current_user', UserRights::GetUserObject(), $aCurrentUser);
 			}
 			if (count($aCurrentContact) > 0) {
-				$oPerson = UserRights::GetContactObject();
-				$aPlaceholders['current_contact->object()'] = $oPerson;
-				foreach ($aCurrentContact as $sField) {
-					$aPlaceholders['current_contact->'.$sField] = $oPerson->Get($sField);
-				}
+				static::FillObjectPlaceholders($aPlaceholders, 'current_contact', UserRights::GetContactObject(), $aCurrentContact);
 			}
 		}
 
 		return $aPlaceholders;
 	}
 
+	/**
+	 * @since 3.1.1 N°6824
+	 * @param array $aPlaceholders
+	 * @param string $sPlaceHolderPrefix
+	 * @param ?\DBObject $oObject
+	 * @param array $aCurrentUser
+	 *
+	 * @return void
+	 *
+	 */
+	private static function FillObjectPlaceholders(array &$aPlaceholders, string $sPlaceHolderPrefix, ?\DBObject $oObject, array $aCurrentUser) : void {
+		$sPlaceHolderKey = $sPlaceHolderPrefix."->object()";
+		if (is_null($oObject)){
+			$aContext = [
+				"current_user_id" => UserRights::GetUserId(),
+				"null object type" => $sPlaceHolderPrefix,
+				"fields" => $aCurrentUser,
+			];
+			IssueLog::Warning("Unresolved placeholders due to null object in current context", null,
+				$aContext);
+			$aPlaceholders[$sPlaceHolderKey] = \Dict::Format("Core:Placeholder:CannotBeResolved", $sPlaceHolderKey);
+			foreach ($aCurrentUser as $sField) {
+				$sPlaceHolderKey = $sPlaceHolderPrefix . "->$sField";
+				$aPlaceholders[$sPlaceHolderKey] = \Dict::Format("Core:Placeholder:CannotBeResolved", $sPlaceHolderKey);
+			}
+		} else {
+			$aPlaceholders[$sPlaceHolderKey] = $oObject;
+			foreach ($aCurrentUser as $sField) {
+				$sPlaceHolderKey = $sPlaceHolderPrefix . "->$sField";
+				if (false === MetaModel::IsValidAttCode(get_class($oObject), $sField)){
+					$aContext = [
+						"current_user_id" => UserRights::GetUserId(),
+						"obj_class" => get_class($oObject),
+						"placeholder" => $sPlaceHolderKey,
+						"invalid_field" => $sField,
+					];
+					IssueLog::Warning("Unresolved placeholder due to invalid attribute", null,
+						$aContext);
+					$aPlaceholders[$sPlaceHolderKey] = \Dict::Format("Core:Placeholder:CannotBeResolved", $sPlaceHolderKey);
+					continue;
+				}
+
+				$aPlaceholders[$sPlaceHolderKey] = $oObject->Get($sField);
+			}
+		}
+	}
+
 	/**
 	 * @param \DBSearch $oFilter
 	 *
@@ -6344,6 +6335,13 @@ abstract class MetaModel
 	 */
 	public static function Startup($config, $bModelOnly = false, $bAllowCache = true, $bTraceSourceFiles = false, $sEnvironment = 'production')
 	{
+		// Startup on a new environment is not supported
+		static $bStarted = false;
+		if ($bStarted) {
+			return;
+		}
+		$bStarted = true;
+
 		self::$m_sEnvironment = $sEnvironment;
 
 		try {
@@ -6422,7 +6420,9 @@ abstract class MetaModel
 
 		ExecutionKPI::EnableDuration(self::$m_oConfig->Get('log_kpi_duration'));
 		ExecutionKPI::EnableMemory(self::$m_oConfig->Get('log_kpi_memory'));
-		ExecutionKPI::SetAllowedUser(self::$m_oConfig->Get('log_kpi_user_id'));
+        ExecutionKPI::SetAllowedUser(self::$m_oConfig->Get('log_kpi_user_id'));
+        ExecutionKPI::SetGenerateLegacyReport(self::$m_oConfig->Get('log_kpi_generate_legacy_report'));
+        ExecutionKPI::SetSlowQueries(self::$m_oConfig->Get('log_kpi_slow_queries'));
 
 		self::$m_bSkipCheckToWrite = self::$m_oConfig->Get('skip_check_to_write');
 		self::$m_bSkipCheckExtKeys = self::$m_oConfig->Get('skip_check_ext_keys');
@@ -6516,7 +6516,7 @@ abstract class MetaModel
 				$aCache['m_aExtensionClassNames'] = self::$m_aExtensionClassNames;
 				$aCache['m_Category2Class'] = self::$m_Category2Class;
 				$aCache['m_aRootClasses'] = self::$m_aRootClasses; // array of "classname" => "rootclass"
-				$aCache['m_aParentClasses'] = self::$m_aParentClasses; // array of ("classname" => array of "parentclass") 
+				$aCache['m_aParentClasses'] = self::$m_aParentClasses; // array of ("classname" => array of "parentclass")
 				$aCache['m_aChildClasses'] = self::$m_aChildClasses; // array of ("classname" => array of "childclass")
 				$aCache['m_aClassParams'] = self::$m_aClassParams; // array of ("classname" => array of class information)
 				$aCache['m_aAttribDefs'] = self::$m_aAttribDefs; // array of ("classname" => array of attributes)
@@ -6541,6 +6541,7 @@ abstract class MetaModel
 
 		CMDBSource::InitFromConfig(self::$m_oConfig);
 		// Later when timezone implementation is correctly done: CMDBSource::SetTimezone($sDBTimezone);
+        ExecutionKPI::InitStats();
 	}
 
 	/**
@@ -6572,6 +6573,19 @@ abstract class MetaModel
 		return $value;
 	}
 
+	/**
+	 * @internal Used for resetting the configuration during automated tests
+
+	 * @param \Config $oConfiguration
+	 *
+	 * @return void
+	 * @since 3.0.4 3.1.1 3.2.0
+	 */
+	public static function SetConfig(Config $oConfiguration)
+	{
+		self::$m_oConfig = $oConfiguration;
+	}
+
 	/**
 	 * @return Config
 	 */
@@ -6853,25 +6867,21 @@ abstract class MetaModel
 	 *     $bMustBeFound=false)
 	 * @throws CoreException if no result found and $bMustBeFound=true
 	 * @throws ArchivedObjectException if archive mode disabled and result is archived and $bMustBeFound=true
-	 * @throws \Exception
-	 *
 	 */
 	public static function GetObject($sClass, $iKey, $bMustBeFound = true, $bAllowAllData = false, $aModifierProperties = null)
 	{
 		$oObject = self::GetObjectWithArchive($sClass, $iKey, $bMustBeFound, $bAllowAllData, $aModifierProperties);
 
-		if (empty($oObject))
-		{
+		if (empty($oObject)) {
 			return null;
 		}
 
-		if (!utils::IsArchiveMode() && $oObject->IsArchived())
-		{
+		if (!utils::IsArchiveMode() && $oObject->IsArchived()) {
 			if ($bMustBeFound) {
 				throw new ArchivedObjectException("The object $sClass::$iKey is archived");
-			} else {
-				return null;
 			}
+
+			return null;
 		}
 
 		return $oObject;
@@ -7613,6 +7623,20 @@ abstract class MetaModel
 		return false;
 	}
 
+	/**
+	 * @since 3.1.0 N°5324: to ease reentrance checks when using events on links (to avoid reentering if main link object ongoing operation)
+	 */
+	public static function GetReentranceObjectByChildClass(string $sParentClass, $sKey)
+	{
+		foreach (self::EnumChildClasses($sParentClass, ENUM_CHILD_CLASSES_ALL, false) as $sChildClass){
+			if (self::GetReentranceObject($sChildClass, $sKey)){
+				return true;
+			}
+		}
+
+		return false;
+	}
+
 	/**
 	 * @param \DBObject $oObject
 	 *
@@ -7643,6 +7667,57 @@ abstract class MetaModel
 			unset(self::$m_aReentranceProtection[get_class($oObject)][$oObject->GetKey()]);
 		}
 	}
+
+	/**
+	 * For test purpose
+	 * @throws \ReflectionException
+	 * @since 3.1.0
+	 */
+	public static function InitExtensions()
+	{
+		// Build the list of available extensions
+		//
+		$aInterfaces = [
+			'iLoginFSMExtension',
+			'iLogoutExtension',
+			'iLoginUIExtension',
+			'iPreferencesExtension',
+			'iApplicationUIExtension',
+			'iApplicationObjectExtension',
+			'iPopupMenuExtension',
+			'iPageUIExtension',
+			'iPageUIBlockExtension',
+			'iBackofficeLinkedScriptsExtension',
+			'iBackofficeEarlyScriptExtension',
+			'iBackofficeScriptExtension',
+			'iBackofficeInitScriptExtension',
+			'iBackofficeReadyScriptExtension',
+			'iBackofficeLinkedStylesheetsExtension',
+			'iBackofficeStyleExtension',
+			'iBackofficeDictEntriesExtension',
+			'iBackofficeDictEntriesPrefixesExtension',
+			'iPortalUIExtension',
+			'iQueryModifier',
+			'iOnClassInitialization',
+			'iModuleExtension',
+			'iKPILoggerExtension',
+			'ModuleHandlerApiInterface',
+			'iNewsroomProvider',
+		];
+		foreach ($aInterfaces as $sInterface) {
+			self::$m_aExtensionClassNames[$sInterface] = array();
+		}
+
+		foreach (get_declared_classes() as $sPHPClass) {
+			$oRefClass = new ReflectionClass($sPHPClass);
+			$oExtensionInstance = null;
+			foreach ($aInterfaces as $sInterface) {
+				if ($oRefClass->implementsInterface($sInterface) && $oRefClass->isInstantiable()) {
+					self::$m_aExtensionClassNames[$sInterface][$sPHPClass] = $sPHPClass;
+				}
+			}
+		}
+	}
 }
 
 

core/mutex.class.inc.php

@@ -257,7 +257,7 @@ class iTopMutex
 		$this->hDBLink = CMDBSource::GetMysqliInstance($sServer, $sUser, $sPwd, $sSource, $bTlsEnabled, $sTlsCA, false);
 
 		if (!$this->hDBLink) {
-			throw new Exception("Could not connect to the DB server (host=$sServer, user=$sUser): ".mysqli_connect_error().' (mysql errno: '.mysqli_connect_errno().')');
+            throw new MySQLException('Could not connect to the DB server '.mysqli_connect_error().' (mysql errno: '.mysqli_connect_errno(), array('host' => $sDBHost, 'user' => $sDBUser));
 		}
 
 		// Make sure that the server variable `wait_timeout` is at least 86400 seconds for this connection,

core/oql/expression.class.inc.php

@@ -3526,6 +3526,7 @@ class CharConcatWSExpression extends CharConcatExpression
 		$aRes = array();
 		foreach ($this->m_aExpressions as $oExpr)
 		{
+			// TODO: Seems weird, this should rather be $aRes[] = $oExpr->Evaluate($aArgs);
 			$aRes .= $oExpr->Evaluate($aArgs);
 		}
 		return implode($this->m_separator, $aRes);

core/ormdocument.class.inc.php

@@ -86,6 +86,33 @@ class ormDocument
 	{
 		return ($this->m_data == null);
 	}
+
+	/**
+	 * @param \ormDocument $oCompared
+	 *
+	 * @return bool True if the current ormDocument is equals to $oCompared EXCEPT for its download count. False if any other property is different OR if count is the same.
+	 * @since 3.1.0 N°6502
+	 */
+	public function EqualsExceptDownloadsCount(ormDocument $oCompared): bool
+	{
+		// First checking equality on others properties
+		if ($oCompared->GetData() !== $this->GetData()) {
+			return false;
+		}
+		if ($oCompared->GetMimeType() !== $this->GetMimeType()) {
+			return false;
+		}
+		if ($oCompared->GetFileName() !== $this->GetFileName()) {
+			return false;
+		}
+
+		// Finally check equality of the download count
+		if ($oCompared->GetDownloadsCount() === $this->GetDownloadsCount()) {
+			return false;
+		} else {
+			return true;
+		}
+	}
 	
 	public function GetMimeType()
 	{

core/pluginmanager.class.inc.php

@@ -98,4 +98,14 @@ class PluginManager
 
 		return $oInstance;
 	}
+
+	/**
+	 * For test purpose
+	 * @return void
+	 * @since 3.1.0
+	 */
+	protected static function ResetPlugins()
+	{
+		self::$m_aExtensionClasses = null;
+	}
 }

core/simplecrypt.class.inc.php

@@ -43,6 +43,12 @@
 
 class SimpleCrypt
 {
+	/**
+	 * @var \SimpleCrypt
+	 * @since 3.1.0 N°5388
+	 */
+	protected $oEngine;
+
 	public static function GetNewDefaultParams()
 	{
 		if(function_exists('sodium_crypto_secretbox_open') && function_exists('random_bytes')){
@@ -62,6 +68,7 @@ class SimpleCrypt
 		$sEngineName = 'SimpleCrypt' . $sEngineName . 'Engine';
 		return $sEngineName::GetNewDefaultParams();
 	}
+
     /**
      * Constructor
      * @param string $sEngineName Engine for encryption. Values: Simple, Mcrypt, Sodium or OpenSSL

core/sqlobjectquerybuilder.class.inc.php

@@ -218,8 +218,8 @@ class SQLObjectQueryBuilder
 					continue;
 				}
 				$oAttDef = MetaModel::GetAttributeDef($sClass, $sAttCode);
-				// Skip this attribute if not made of SQL columns
-				if (count($oAttDef->GetSQLExpressions()) == 0)
+				// Skip this attribute if not made of SQL columns nor in current table
+				if (count($oAttDef->GetSQLExpressions()) == 0 || $oAttDef->IsExternalField())
 				{
 					continue;
 				}

core/trigger.class.inc.php

@@ -50,7 +50,7 @@ abstract class Trigger extends cmdbAbstractObject
 		MetaModel::Init_AddAttribute(new AttributeLinkedSetIndirect("action_list",
 			array("linked_class" => "lnkTriggerAction", "ext_key_to_me" => "trigger_id", "ext_key_to_remote" => "action_id", "allowed_values" => null, "count_min" => 1, "count_max" => 0, "depends_on" => array())));
 		$aTags = ContextTag::GetTags();
-		MetaModel::Init_AddAttribute(new AttributeEnumSet("context", array("allowed_values" => null, "possible_values" => new ValueSetEnumPadded($aTags), "sql" => "context", "depends_on" => array(), "is_null_allowed" => true, "max_items" => 12)));
+		MetaModel::Init_AddAttribute(new AttributeEnumSet("context", array("allowed_values" => null, "possible_values" => new ValueSetEnumPadded($aTags, true), "sql" => "context", "depends_on" => array(), "is_null_allowed" => true, "max_items" => 12)));
 		// "complement" is a computed field, fed by Trigger sub-classes, in general in ComputeValues method, for eg. the TriggerOnObject fed it with target_class info
 		MetaModel::Init_AddAttribute(new AttributeString("complement", array("allowed_values" => null, "sql" => "complement", "default_value" => null, "is_null_allowed" => true, "depends_on" => array())));
 
@@ -121,7 +121,9 @@ abstract class Trigger extends cmdbAbstractObject
 			$oAction = MetaModel::GetObject('Action', $iActionId);
 			if ($oAction->IsActive())
 			{
+                $oKPI = new ExecutionKPI();
 				$oAction->DoExecute($this, $aContextArgs);
+                $oKPI->ComputeStatsForExtension($oAction, 'DoExecute');
 			}
 		}
 	}

core/userrights.class.inc.php

@@ -248,9 +248,8 @@ abstract class User extends cmdbAbstractObject
 			"depends_on"      => array(),
 		)));
 
-		MetaModel::Init_AddAttribute(new AttributeLinkedSetIndirect("profile_list",
-			array("linked_class" => "URP_UserProfile", "ext_key_to_me" => "userid", "ext_key_to_remote" => "profileid", "allowed_values" => null, "count_min" => 1, "count_max" => 0, "depends_on" => array(), "display_style" => 'property')));
-		MetaModel::Init_AddAttribute(new AttributeLinkedSetIndirect("allowed_org_list", array("linked_class" => "URP_UserOrg", "ext_key_to_me" => "userid", "ext_key_to_remote" => "allowed_org_id", "allowed_values" => null, "count_min" => 1, "count_max" => 0, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeLinkedSetIndirect("profile_list",array("linked_class" => "URP_UserProfile", "ext_key_to_me" => "userid", "ext_key_to_remote" => "profileid", "allowed_values" => null, "count_min" => 1, "count_max" => 0, "depends_on" => array(), "display_style" => 'property', "with_php_constraint" => true)));
+		MetaModel::Init_AddAttribute(new AttributeLinkedSetIndirect("allowed_org_list", array("linked_class" => "URP_UserOrg", "ext_key_to_me" => "userid", "ext_key_to_remote" => "allowed_org_id", "allowed_values" => null, "count_min" => 1, "count_max" => 0, "depends_on" => array(), 'with_php_constraint' => true)));
 		MetaModel::Init_AddAttribute(new AttributeCaseLog("log", array("sql" => 'log', "is_null_allowed" => true, "default_value" => '', "allowed_values" => null, "depends_on" => array(), "always_load_in_tables" => false)));
 
 		// Display lists
@@ -762,14 +761,25 @@ class UserRights
 	protected static $m_aCacheContactPictureAbsUrl = [];
 	/** @var UserRightsAddOnAPI $m_oAddOn */
 	protected static $m_oAddOn;
-	protected static $m_oUser;
-	protected static $m_oRealUser;
+	protected static $m_oUser = null;
+	protected static $m_oRealUser = null;
 	protected static $m_sSelfRegisterAddOn = null;
 	protected static $m_aAdmins = array();
 	protected static $m_aPortalUsers = array();
 	/** @var array array('sName' => $sName, 'bSuccess' => $bSuccess); */
 	private static $m_sLastLoginStatus = null;
 
+	/**
+	 * @return void
+	 * @since 3.0.4 3.1.1 3.2.0
+	 */
+	protected static function ResetCurrentUserData()
+	{
+		self::$m_oUser = null;
+		self::$m_oRealUser = null;
+		self::$m_sLastLoginStatus = null;
+	}
+
 	/**
 	 * @param string $sModuleName
 	 *
@@ -788,8 +798,7 @@ class UserRights
 		}
 		self::$m_oAddOn = new $sModuleName;
 		self::$m_oAddOn->Init();
-		self::$m_oUser = null;
-		self::$m_oRealUser = null;
+		self::ResetCurrentUserData();
 	}
 
 	/**
@@ -856,6 +865,8 @@ class UserRights
 	 */
 	public static function Login($sLogin, $sAuthentication = 'any')
 	{
+		static::Logoff();
+
 		$oUser = self::FindUser($sLogin, $sAuthentication);
 		if (is_null($oUser))
 		{
@@ -873,6 +884,17 @@ class UserRights
 		return true;
 	}
 
+	/**
+	 * @return void
+	 * @since 3.0.4 3.1.1 3.2.0
+	 */
+	public static function Logoff()
+	{
+		self::ResetCurrentUserData();
+		Dict::SetUserLanguage(null);
+		self::_ResetSessionCache();
+	}
+
 	/**
 	 * @param string $sLogin Login of the user to check the credentials for
 	 * @param string $sPassword

core/valuesetdef.class.inc.php

@@ -53,7 +53,13 @@ abstract class ValueSetDefinition
 		return $sAllowedValues;
 	}
 
-
+	/**
+	 * @param array  $aArgs
+	 * @param string $sContains
+	 * @param string $sOperation for the values {@see static::LoadValues()}
+	 *
+	 * @return array hash array of keys => values
+	 */
 	public function GetValues($aArgs, $sContains = '', $sOperation = 'contains')
 	{
 		if (!$this->m_bIsLoaded)
@@ -78,11 +84,22 @@ abstract class ValueSetDefinition
 				}
 			}
 		}
-		// Sort on the display value
-		asort($aRet);
+		$this->SortValues($aRet);
 		return $aRet;
 	}
 
+	/**
+	 * @param array $aValues Values to sort in the form keys => values
+	 *
+	 * @return void
+	 * @since 3.1.0 N°1646 Create method
+	 */
+	public function SortValues(array &$aValues): void
+	{
+		// Sort alphabetically on values
+		natcasesort($aValues);
+	}
+
 	abstract protected function LoadValues($aArgs);
 }
 
@@ -189,11 +206,7 @@ class ValueSetObjects extends ValueSetDefinition
 	}
 
     /**
-     * @param        $aArgs
-     * @param string $sContains
-     * @param string $sOperation for the values @see self::LoadValues()
-     *
-     * @return array
+     * @inheritDoc
      * @throws CoreException
      * @throws OQLException
      */
@@ -451,10 +464,33 @@ class ValueSetObjects extends ValueSetDefinition
 class ValueSetEnum extends ValueSetDefinition
 {
 	protected $m_values;
+	/**
+	 * @var bool $bSortByValues If true, values will be sorted at runtime (on their values, not their keys), otherwise it is sorted at compile time in a predefined order.
+	 *                         {@see \MFCompiler::CompileAttributeEnumValues()} for complete reasons.
+	 * @since 3.1.0 N°1646
+	 */
+	protected bool $bSortByValues;
 
-	public function __construct($Values)
+	/**
+	 * @param array|string $Values
+	 * @param bool $bLocalizedSort
+	 *
+	 * @since 3.1.0 N°1646 Add $bLocalizedSort parameter
+	 */
+	public function __construct($Values, bool $bSortByValues = false)
 	{
 		$this->m_values = $Values;
+		$this->bSortByValues = $bSortByValues;
+	}
+
+	/**
+	 * @see \ValueSetEnum::$bSortByValues
+	 * @return bool
+	 * @since 3.1.0 N°1646
+	 */
+	public function IsSortedByValues(): bool
+	{
+		return $this->bSortByValues;
 	}
 
 	// Helper to export the data model
@@ -464,6 +500,27 @@ class ValueSetEnum extends ValueSetDefinition
 		return $this->m_aValues;
 	}
 
+	/**
+	 * @inheritDoc
+	 * @since 3.1.0 N°1646 Overload method
+	 */
+	public function SortValues(array &$aValues): void
+	{
+		// Force sort by values only if necessary
+		if ($this->bSortByValues) {
+			natcasesort($aValues);
+			return;
+		}
+
+		// Don't sort values as we rely on the order defined during compilation
+		return;
+	}
+
+	/**
+	 * @param array|string $aArgs
+	 *
+	 * @return true
+	 */
 	protected function LoadValues($aArgs)
 	{
 		if (is_array($this->m_values))
@@ -491,9 +548,13 @@ class ValueSetEnum extends ValueSetDefinition
 
 class ValueSetEnumPadded extends ValueSetEnum
 {
-	public function __construct($Values)
+	/**
+	 * @inheritDoc
+	 * @since 3.1.0 N°6448 Add $bSortByValues parameter
+	 */
+	public function __construct($Values, bool $bSortByValues = false)
 	{
-		parent::__construct($Values);
+		parent::__construct($Values, $bSortByValues);
 		if (is_string($Values))
 		{
 			$this->LoadValues(null);
@@ -505,6 +566,7 @@ class ValueSetEnumPadded extends ValueSetEnum
 		$aPaddedValues = array();
 		foreach ($this->m_aValues as $sKey => $sVal)
 		{
+			// Pad keys to the min. length required by the \AttributeSet
 			$sKey = str_pad($sKey, 3, '_', STR_PAD_LEFT);
 			$aPaddedValues[$sKey] = $sVal;
 		}
@@ -553,7 +615,7 @@ class ValueSetEnumClasses extends ValueSetEnum
 	public function __construct($sCategories = '', $sAdditionalValues = '')
 	{
 		$this->m_sCategories = $sCategories;
-		parent::__construct($sAdditionalValues);
+		parent::__construct($sAdditionalValues, true /* Classes are always sorted alphabetically */);
 	}
 
 	protected function LoadValues($aArgs)

css/backoffice/components/dashlet/_dashlet-badge.scss

@@ -20,6 +20,8 @@ $ibo-dashlet-badge--icon--size: 48px !default;
 
 $ibo-dashlet-badge--action-icon--margin-right: $ibo-spacing-300 !default;
 
+$ibo-dashlet-badge--body--tooltip-title--margin-bottom: $ibo-spacing-500 !default;
+
 /* CSS variables (can be changed directly from the browser) */
 :root {
   --ibo-dashlet-badge--min-width: #{$ibo-dashlet-badge--min-width};
@@ -74,18 +76,27 @@ $ibo-dashlet-badge--action-icon--margin-right: $ibo-spacing-300 !default;
     @extend %ibo-hyperlink-inherited-colors;
   }
 }
-.ibo-dashlet-badge--action-list-count{
-	margin-right: $ibo-dashlet-badge--action-list-count--margin-right;
-	@extend %ibo-font-ral-bol-450;
+
+.ibo-dashlet-badge--action-list-count {
+  margin-right: $ibo-dashlet-badge--action-list-count--margin-right;
+  @extend %ibo-font-ral-bol-450;
 }
-.ibo-dashlet-badge--action-list-label{
-	display: inline-block;
-	@extend %ibo-text-truncated-with-ellipsis;
+
+.ibo-dashlet-badge--action-list-label {
+  display: inline-block;
+  @extend %ibo-text-truncated-with-ellipsis;
 }
-.ibo-dashlet-badge--action-create{
-	@extend %ibo-baseline-centered-content;
-	@extend %ibo-font-size-150;
+
+.ibo-dashlet-badge--action-create {
+  @extend %ibo-baseline-centered-content;
+  @extend %ibo-font-size-150;
 }
-.ibo-dashlet-badge--action-create-icon{
-	margin-right: $ibo-dashlet-badge--action-icon--margin-right;
+
+.ibo-dashlet-badge--action-create-icon {
+  margin-right: $ibo-dashlet-badge--action-icon--margin-right;
+}
+
+.ibo-dashlet-badge--body--tooltip-title {
+  @extend %ibo-font-weight-600;
+  margin-bottom: $ibo-dashlet-badge--body--tooltip-title--margin-bottom;
 }

css/backoffice/pages/_csv-import.scss

@@ -51,4 +51,4 @@ tr.ibo-csv-import--row-added td {
   font-size: $ibo-csv-import--download-file--font-size;
   color: $ibo-csv-import--download-file--color;
   margin: $ibo-csv-import--download-file--margin;
-}
+}

css/backoffice/pages/_welcome-popup.scss

@@ -17,7 +17,9 @@ $ibo-welcome-popup--text--options--bottom: 10px !default;
 
 #welcome_popup{
   display: flex;
-  
+}
+.ibo-welcome-popup--columns{
+	display: flex;
 }
 .ibo-welcome-popup--image{
   display: flex;
@@ -44,7 +46,39 @@ $ibo-welcome-popup--text--options--bottom: 10px !default;
     }
   }
 }
-.ibo-welcome-popup--text--options{
-  position: absolute;
-  bottom: $ibo-welcome-popup--text--options--bottom;
+.ibo-welcome-popup--dialog {
+	width: 60rem;
+}
+.ibo-welcome-popup--content {
+	width: 100%; 
+	.ibo-welcome-popup--message {
+		width: 100%;
+		min-height: 12rem;
+	}
+	.ibo-welcome-popup--button {
+		width: 100%;
+		text-align: center;
+		padding-top: 1rem;
+		position: absolute;
+		bottom: 4.5rem;
+	}
+}
+.ibo-welcome-popup--indicators {
+	width: 100%;
+	display: block;
+	text-align: center;
+	padding-top: 1.5rem;
+	padding-bottom: 0;
+	height: 3rem;
+	.ibo-welcome-popup--indicator {
+		width: 1rem;
+		height: 1rem;
+		border-radius: 0.5rem;
+		background-color: $ibo-color-secondary-600;
+		display: inline-block;
+		cursor: pointer;
+	}
+	.ibo-welcome-popup--active {
+		background-color: $ibo-color-information-600 !important;
+	}
 }

datamodels/2.x/authent-cas/dictionaries/es_cr.dict.authent-cas.php

@@ -1,5 +1,5 @@
 <?php
- /**
+/**
  * Spanish Localized data
  *
  * @copyright   Copyright (C) 2010-2023 Combodo SARL
@@ -7,7 +7,6 @@
  * @traductor   Miguel Turrubiates <miguel_tf@yahoo.com> 
  * @notas       Utilizar codificación UTF-8 para mostrar acentos y otros caracteres especiales 
  */
-
 Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'CAS:Error:UserNotAllowed' => 'Usuario no permitido',
 	'CAS:Login:SignIn' => 'Iniciar sesión con CAS',

datamodels/2.x/authent-cas/dictionaries/pl.dict.authent-cas.php

@@ -5,7 +5,6 @@
  * @copyright   Copyright (C) 2013 XXXXX
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
-
 Dict::Add('PL PL', 'Polish', 'Polski', array(
 	'CAS:Error:UserNotAllowed' => 'Użytkownik niedozwolony',
 	'CAS:Login:SignIn' => 'Zaloguj się za pomocą CAS',

datamodels/2.x/authent-cas/src/CASLoginExtension.php

@@ -49,6 +49,11 @@ class CASLoginExtension extends AbstractLoginFSMExtension implements iLogoutExte
 
 	protected function OnReadCredentials(&$iErrorCode)
 	{
+		if (LoginWebPage::getIOnExit() === LoginWebPage::EXIT_RETURN) {
+			// Not allowed if not already connected
+			return LoginWebPage::LOGIN_FSM_CONTINUE;
+		}
+
 		if (empty(Session::Get('login_mode')) || Session::Get('login_mode') == static::LOGIN_MODE)
 		{
 			static::InitCASClient();
@@ -114,6 +119,10 @@ class CASLoginExtension extends AbstractLoginFSMExtension implements iLogoutExte
 		if (Session::Get('login_mode') == static::LOGIN_MODE)
 		{
 			Session::Unset('phpCAS');
+			if (LoginWebPage::getIOnExit() === LoginWebPage::EXIT_RETURN) {
+				// don't display the login page
+				return LoginWebPage::LOGIN_FSM_CONTINUE;
+			}
 			if ($iErrorCode != LoginWebPage::EXIT_CODE_MISSINGLOGIN)
 			{
 				$oLoginWebPage = new LoginWebPage();

datamodels/2.x/authent-external/dictionaries/es_cr.dict.authent-external.php

@@ -15,7 +15,7 @@
 //
 //   You should have received a copy of the GNU Affero General Public License
 //   along with iTop. If not, see <http://www.gnu.org/licenses/>
- /**
+/**
  * Spanish Localized data
  *
  * @copyright   Copyright (C) 2010-2023 Combodo SARL

datamodels/2.x/authent-external/dictionaries/pl.dict.authent-external.php

@@ -20,7 +20,6 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with iTop. If not, see <http://www.gnu.org/licenses/>
  */
-
 // Dictionnay conventions
 // Class:<class_name>
 // Class:<class_name>+
@@ -30,11 +29,9 @@
 // Class:<class_name>/Attribute:<attribute_code>/Value:<value>+
 // Class:<class_name>/Stimulus:<stimulus_code>
 // Class:<class_name>/Stimulus:<stimulus_code>+
-
 //
 // Class: UserExternal
 //
-
 Dict::Add('PL PL', 'Polish', 'Polski', array(
 	'Class:UserExternal' => 'Użytkownik zewnętrzny',
 	'Class:UserExternal+' => 'Użytkownik uwierzytelniony poza '.ITOP_APPLICATION_SHORT,

datamodels/2.x/authent-ldap/dictionaries/cs.dict.authent-ldap.php

@@ -38,4 +38,5 @@
 Dict::Add('CS CZ', 'Czech', 'Čeština', array(
 	'Class:UserLDAP' => 'LDAP uživatel',
 	'Class:UserLDAP+' => 'Uživatel ověřen přes LDAP',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));

datamodels/2.x/authent-ldap/dictionaries/da.dict.authent-ldap.php

@@ -23,4 +23,5 @@
 Dict::Add('DA DA', 'Danish', 'Dansk', array(
 	'Class:UserLDAP' => 'LDAP-Bruger',
 	'Class:UserLDAP+' => 'Bruger der godkendes via LDAP',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));

datamodels/2.x/authent-ldap/dictionaries/de.dict.authent-ldap.php

@@ -25,4 +25,7 @@
 Dict::Add('DE DE', 'German', 'Deutsch', array(
 	'Class:UserLDAP' => 'LDAP-Benutzer',
 	'Class:UserLDAP+' => 'Benutzer, der via LDAP authentifiziert wird',
+	'Class:UserLDAP/Attribute:ldap_server' => 'LDAP-Server',
+	'Class:UserLDAP/Attribute:ldap_server+' => 'Optional: LDAP-Server, der zur Authentifizierung verwendet werden soll, falls mehrere LDAP-Server konfiguriert sind.',
+	'UserLDAP:server' => 'LDAP-Einstellungen',
 ));

datamodels/2.x/authent-ldap/dictionaries/es_cr.dict.authent-ldap.php

@@ -15,7 +15,7 @@
 //
 //   You should have received a copy of the GNU Affero General Public License
 //   along with iTop. If not, see <http://www.gnu.org/licenses/>
- /**
+/**
  * Spanish Localized data
  *
  * @copyright   Copyright (C) 2010-2023 Combodo SARL
@@ -37,4 +37,5 @@
 Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'Class:UserLDAP' => 'Usuario LDAP',
 	'Class:UserLDAP+' => 'Usuario autenticado vía LDAP',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));

datamodels/2.x/authent-ldap/dictionaries/hu.dict.authent-ldap.php

@@ -22,4 +22,5 @@
 Dict::Add('HU HU', 'Hungarian', 'Magyar', array(
 	'Class:UserLDAP' => 'LDAP felhasználó',
 	'Class:UserLDAP+' => '',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));

datamodels/2.x/authent-ldap/dictionaries/it.dict.authent-ldap.php

@@ -36,4 +36,5 @@
 Dict::Add('IT IT', 'Italian', 'Italiano', array(
 	'Class:UserLDAP' => 'Utente LDAP',
 	'Class:UserLDAP+' => 'Utente autenticato da LDAP',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));

datamodels/2.x/authent-ldap/dictionaries/ja.dict.authent-ldap.php

@@ -23,4 +23,5 @@
 Dict::Add('JA JP', 'Japanese', '日本語', array(
 	'Class:UserLDAP' => 'LDAP ユーザー',
 	'Class:UserLDAP+' => 'LDAP認証ユーザー',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));

datamodels/2.x/authent-ldap/dictionaries/nl.dict.authent-ldap.php

@@ -37,4 +37,5 @@
 Dict::Add('NL NL', 'Dutch', 'Nederlands', array(
 	'Class:UserLDAP' => 'LDAP-gebruiker',
 	'Class:UserLDAP+' => 'Gebruiker die aanmeldt via LDAP',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));

datamodels/2.x/authent-ldap/dictionaries/pl.dict.authent-ldap.php

@@ -20,7 +20,6 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with iTop. If not, see <http://www.gnu.org/licenses/>
  */
-
 // Dictionnay conventions
 // Class:<class_name>
 // Class:<class_name>+
@@ -30,12 +29,11 @@
 // Class:<class_name>/Attribute:<attribute_code>/Value:<value>+
 // Class:<class_name>/Stimulus:<stimulus_code>
 // Class:<class_name>/Stimulus:<stimulus_code>+
-
 //
 // Class: UserLDAP
 //
-
 Dict::Add('PL PL', 'Polish', 'Polski', array(
 	'Class:UserLDAP' => 'Użytkownik LDAP',
 	'Class:UserLDAP+' => 'Użytkownik uwierzytelniony przez LDAP',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));

datamodels/2.x/authent-ldap/dictionaries/pt_br.dict.authent-ldap.php

@@ -22,4 +22,5 @@
 Dict::Add('PT BR', 'Brazilian', 'Brazilian', array(
 	'Class:UserLDAP' => 'Usuário externo via LDAP',
 	'Class:UserLDAP+' => '',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));

datamodels/2.x/authent-ldap/dictionaries/ru.dict.authent-ldap.php

@@ -14,4 +14,5 @@
 Dict::Add('RU RU', 'Russian', 'Русский', array(
 	'Class:UserLDAP' => 'Пользователь LDAP',
 	'Class:UserLDAP+' => 'Пользователь, аутентифицируемый через LDAP',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));

datamodels/2.x/authent-ldap/dictionaries/sk.dict.authent-ldap.php

@@ -35,4 +35,5 @@
 Dict::Add('SK SK', 'Slovak', 'Slovenčina', array(
 	'Class:UserLDAP' => 'LDAP užívateľ',
 	'Class:UserLDAP+' => '',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));

datamodels/2.x/authent-ldap/dictionaries/tr.dict.authent-ldap.php

@@ -37,4 +37,5 @@
 Dict::Add('TR TR', 'Turkish', 'Türkçe', array(
 	'Class:UserLDAP' => 'LDAP kullanıcısı',
 	'Class:UserLDAP+' => 'Yetki kontrolü LDAP tarafından yapılan',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));

datamodels/2.x/authent-ldap/dictionaries/zh_cn.dict.authent-ldap.php

@@ -36,4 +36,5 @@
 Dict::Add('ZH CN', 'Chinese', '简体中文', array(
 	'Class:UserLDAP' => 'LDAP 用户',
 	'Class:UserLDAP+' => '用户身份由LDAP 认证',
+	'UserLDAP:server' => 'LDAP specifics~~',
 ));

datamodels/2.x/authent-local/dictionaries/cs.dict.authent-local.php

@@ -40,7 +40,6 @@ Dict::Add('CS CZ', 'Czech', 'Čeština', array(
 	'Class:UserLocal+' => 'Uživatel ověřen interně v '.ITOP_APPLICATION_SHORT,
 	'Class:UserLocal/Attribute:password' => 'Heslo',
 	'Class:UserLocal/Attribute:password+' => '',
-
 	'Class:UserLocal/Attribute:expiration' => 'Password expiration~~',
 	'Class:UserLocal/Attribute:expiration+' => 'Password expiration status (requires an extension to have an effect)~~',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Can expire~~',
@@ -53,9 +52,7 @@ Dict::Add('CS CZ', 'Czech', 'Čeština', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Password cannot be changed by the user.~~',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewal~~',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed~~',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.~~',
-
 	'UserLocal:password:expiration' => 'The fields below require an extension~~',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User~~',
 ));

datamodels/2.x/authent-local/dictionaries/da.dict.authent-local.php

@@ -25,7 +25,6 @@ Dict::Add('DA DA', 'Danish', 'Dansk', array(
 	'Class:UserLocal+' => 'Bruger der godkendes af '.ITOP_APPLICATION_SHORT,
 	'Class:UserLocal/Attribute:password' => 'Password',
 	'Class:UserLocal/Attribute:password+' => 'Brugerens password',
-
 	'Class:UserLocal/Attribute:expiration' => 'Password expiration~~',
 	'Class:UserLocal/Attribute:expiration+' => 'Password expiration status (requires an extension to have an effect)~~',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Can expire~~',
@@ -38,9 +37,7 @@ Dict::Add('DA DA', 'Danish', 'Dansk', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Password cannot be changed by the user.~~',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewal~~',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed~~',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.~~',
-
 	'UserLocal:password:expiration' => 'The fields below require an extension~~',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User~~',
 ));

datamodels/2.x/authent-local/dictionaries/de.dict.authent-local.php

@@ -27,7 +27,6 @@ Dict::Add('DE DE', 'German', 'Deutsch', array(
 	'Class:UserLocal+' => 'Benutzer, der von '.ITOP_APPLICATION_SHORT.' authentifiziert wird',
 	'Class:UserLocal/Attribute:password' => 'Passwort',
 	'Class:UserLocal/Attribute:password+' => 'Benutzerpasswort',
-
 	'Class:UserLocal/Attribute:expiration' => 'Passwortablauf',
 	'Class:UserLocal/Attribute:expiration+' => 'Passwortablaufstatus (statusabhängige Effekte müssen per Extension implementiert werden)',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'kann ablaufen',
@@ -40,9 +39,7 @@ Dict::Add('DE DE', 'German', 'Deutsch', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => '',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Letzte Passworterneuerung',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Letztes Änderungsdatum',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Das Passwort entspricht nicht dem in den Konfigurationsregeln hinterlegten RegEx-Ausdruck',
-
 	'UserLocal:password:expiration' => 'Die folgenden Felder benötigen eine '.ITOP_APPLICATION_SHORT.' Erweiterung',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Das setzen des Passwortablaufs auf "Einmalpasswort" ist für den eigenen Benutzer nicht erlaubt.',
 ));

datamodels/2.x/authent-local/dictionaries/es_cr.dict.authent-local.php

@@ -39,7 +39,6 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'Class:UserLocal+' => 'Usuario Autenticado vía '.ITOP_APPLICATION_SHORT,
 	'Class:UserLocal/Attribute:password' => 'Contraseña',
 	'Class:UserLocal/Attribute:password+' => 'Contraseña',
-
 	'Class:UserLocal/Attribute:expiration' => 'Expiración de contraseña',
 	'Class:UserLocal/Attribute:expiration+' => 'Estatus de expiración de contraseña (requiere de una extensión para que tenga efecto)',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Puede expirar',
@@ -52,9 +51,7 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'El usuario no puede cambiar la contraseña.',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Renovación de contraseña',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Cuando fue el último cambio de contraseña',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'La contraseña debe ser de al menos 8 caracteres e incluír mayúsculas, minúsculas, números y caracteres especiales.',
-
 	'UserLocal:password:expiration' => 'El siguiente campo requiere una extensión',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Configurar expiración de contraseña para "ontraseña de un solo uso" no está permitido para su propio Usuario',
 ));

datamodels/2.x/authent-local/dictionaries/fr.dict.authent-local.php

@@ -24,7 +24,6 @@ Dict::Add('FR FR', 'French', 'Français', array(
 	'Class:UserLocal+' => 'Utilisateur authentifié par '.ITOP_APPLICATION_SHORT,
 	'Class:UserLocal/Attribute:password' => 'Mot de passe',
 	'Class:UserLocal/Attribute:password+' => '',
-
 	'Class:UserLocal/Attribute:expiration' => 'Validité du mot de passe',
 	'Class:UserLocal/Attribute:expiration+' => 'Statut du mot de passe (nécessite une extension pour avoir un effet)',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Durée limitée',
@@ -37,7 +36,6 @@ Dict::Add('FR FR', 'French', 'Français', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => '',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Mot de passe changé le',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Dernière date à laquelle le mot de passe a été changé',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Le mot de passe doit contenir au moins 8 caractères, avec minuscule, majuscule, nombre et caractère spécial.',
 	'UserLocal:password:expiration' => 'Les champs ci-dessous nécessitent une extension',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Impossible de mettre "Usage unique" comme validité du mot de passe pour son propre utilisateur.',

datamodels/2.x/authent-local/dictionaries/hu.dict.authent-local.php

@@ -24,7 +24,6 @@ Dict::Add('HU HU', 'Hungarian', 'Magyar', array(
 	'Class:UserLocal+' => '',
 	'Class:UserLocal/Attribute:password' => 'Jelszó',
 	'Class:UserLocal/Attribute:password+' => '',
-
 	'Class:UserLocal/Attribute:expiration' => 'Jelszó lejárati ideje',
 	'Class:UserLocal/Attribute:expiration+' => 'Jelszó lejárati státusz (bővítmény szükséges hozzá)',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Lejár',
@@ -35,11 +34,9 @@ Dict::Add('HU HU', 'Hungarian', 'Magyar', array(
 	'Class:UserLocal/Attribute:expiration/Value:force_expire+' => '~~',
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire' => 'Egyszeri jelszó',
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'A felhasználó nem változtathat jelszót.',
-    'Class:UserLocal/Attribute:password_renewed_date' => 'Jelszó megújítás ideje',
+	'Class:UserLocal/Attribute:password_renewed_date' => 'Jelszó megújítás ideje',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'A jelszó legutóbbi módosításának időpontja',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'A jelszónak legalább 8 karakterből kell állnia, és tartalmaznia kell nagybetűket, kisbetűket, numerikus és speciális karaktereket.',
-
 	'UserLocal:password:expiration' => 'Az alábbi mezőkhöz egy bővítmény szükséges',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'A jelszó lejárati idejének beállítása "Egyszeri jelszóra" nem engedélyezett a saját Felhasználó számára.',
 ));

datamodels/2.x/authent-local/dictionaries/it.dict.authent-local.php

@@ -38,7 +38,6 @@ Dict::Add('IT IT', 'Italian', 'Italiano', array(
 	'Class:UserLocal+' => 'Utente autenticato da '.ITOP_APPLICATION_SHORT,
 	'Class:UserLocal/Attribute:password' => 'Password',
 	'Class:UserLocal/Attribute:password+' => 'user authentication string',
-
 	'Class:UserLocal/Attribute:expiration' => 'Password expiration~~',
 	'Class:UserLocal/Attribute:expiration+' => 'Password expiration status (requires an extension to have an effect)~~',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Can expire~~',
@@ -51,9 +50,7 @@ Dict::Add('IT IT', 'Italian', 'Italiano', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Password cannot be changed by the user.~~',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewal~~',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed~~',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.~~',
-
 	'UserLocal:password:expiration' => 'The fields below require an extension~~',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User~~',
 ));

datamodels/2.x/authent-local/dictionaries/ja.dict.authent-local.php

@@ -25,7 +25,6 @@ Dict::Add('JA JP', 'Japanese', '日本語', array(
 	'Class:UserLocal+' => ITOP_APPLICATION_SHORT.'ローカル認証ユーザー',
 	'Class:UserLocal/Attribute:password' => 'パスワード',
 	'Class:UserLocal/Attribute:password+' => '認証文字列',
-
 	'Class:UserLocal/Attribute:expiration' => 'Password expiration~~',
 	'Class:UserLocal/Attribute:expiration+' => 'Password expiration status (requires an extension to have an effect)~~',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Can expire~~',
@@ -38,9 +37,7 @@ Dict::Add('JA JP', 'Japanese', '日本語', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Password cannot be changed by the user.~~',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewal~~',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed~~',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.~~',
-
 	'UserLocal:password:expiration' => 'The fields below require an extension~~',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User~~',
 ));

datamodels/2.x/authent-local/dictionaries/nl.dict.authent-local.php

@@ -29,7 +29,6 @@ Dict::Add('NL NL', 'Dutch', 'Nederlands', array(
 	'Class:UserLocal+' => 'Gebruiker die aanmeldt met gegevens aangemaakt in het gebruikersbeheer van '.ITOP_APPLICATION_SHORT,
 	'Class:UserLocal/Attribute:password' => 'Wachtwoord',
 	'Class:UserLocal/Attribute:password+' => 'Het wachtwoord waarmee de gebruiker zich aanmeldt bij '.ITOP_APPLICATION_SHORT,
-
 	'Class:UserLocal/Attribute:expiration' => 'Wachtwoord verloopt',
 	'Class:UserLocal/Attribute:expiration+' => 'Of het wachtwoord al dan niet verlopen is (vereist een extensie vooraleer dit werkt)',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Kan verlopen',
@@ -42,9 +41,7 @@ Dict::Add('NL NL', 'Dutch', 'Nederlands', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'De gebruiker kan dit wachtwoord niet veranderen.',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Wachtwoord laatst aangepast',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Tijdstip waarop het wachtwoord het laatst aangepast werd.',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Het wachtwoord bestaat uit minstens 8 tekens en bestaat uit een mix van minstens 1 hoofdletter, kleine letter, cijfer en speciaal teken.',
-
 	'UserLocal:password:expiration' => 'De velden hieronder vereisen een extensie.',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Je kan geen eenmalig wachtwoord instellen voor je eigen gebruiker.',
 ));

datamodels/2.x/authent-local/dictionaries/pl.dict.authent-local.php

@@ -37,7 +37,6 @@ Dict::Add('PL PL', 'Polish', 'Polski', array(
 	'Class:UserLocal+' => 'Użytkownik uwierzytelniony przez '.ITOP_APPLICATION_SHORT,
 	'Class:UserLocal/Attribute:password' => 'Hasło',
 	'Class:UserLocal/Attribute:password+' => 'Ciąg uwierzytelniania użytkownika',
-
 	'Class:UserLocal/Attribute:expiration' => 'Wygaśnięcie hasła',
 	'Class:UserLocal/Attribute:expiration+' => 'Stan wygaśnięcia hasła (wymaga rozszerzenia, aby zadziałało)',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Może wygasnąć',
@@ -50,9 +49,7 @@ Dict::Add('PL PL', 'Polish', 'Polski', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Hasło nie może być zmienione przez użytkownika.',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Odnowienie hasła',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Kiedy ostatnio zmieniano hasło',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Hasło musi mieć co najmniej 8 znaków i zawierać duże, małe litery, cyfry i znaki specjalne.',
-
 	'UserLocal:password:expiration' => 'Poniższe pola wymagają rozszerzenia',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Ustawienie wygaśnięcia hasła "Hasło jednorazowe" nie jest dozwolone dla własnego użytkownika',
 ));

datamodels/2.x/authent-local/dictionaries/pt_br.dict.authent-local.php

@@ -24,7 +24,6 @@ Dict::Add('PT BR', 'Brazilian', 'Brazilian', array(
 	'Class:UserLocal+' => '',
 	'Class:UserLocal/Attribute:password' => 'Senha',
 	'Class:UserLocal/Attribute:password+' => '',
-
 	'Class:UserLocal/Attribute:expiration' => 'Expiração da senha',
 	'Class:UserLocal/Attribute:expiration+' => 'Status de expiração de senha (Requer uma extensão para fazer efeito)',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Senha expira',
@@ -37,9 +36,7 @@ Dict::Add('PT BR', 'Brazilian', 'Brazilian', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Senha não pode ser alterada pelo usuário',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Data da última alteração de senha',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Quando a senha foi alterada anteriormente',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'A senha deve ter no mínimo 8 caracteres e incluir letras maiúsculas, minúsculas, números e símbolos',
-
 	'UserLocal:password:expiration' => 'O campo abaixo requer uma extensão',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Definir a expiração da senha para One-Time Password (OTP) não é permitido para o seu próprio usuário',
 ));

datamodels/2.x/authent-local/dictionaries/ru.dict.authent-local.php

@@ -16,7 +16,6 @@ Dict::Add('RU RU', 'Russian', 'Русский', array(
 	'Class:UserLocal+' => 'Пользователь, аутентифицируемый через '.ITOP_APPLICATION_SHORT,
 	'Class:UserLocal/Attribute:password' => 'Пароль',
 	'Class:UserLocal/Attribute:password+' => 'Строка аутентификации пользователя',
-
 	'Class:UserLocal/Attribute:expiration' => 'Срок действия пароля',
 	'Class:UserLocal/Attribute:expiration+' => 'Статус срока действия пароля (требуется расширение для эффекта)',
 	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Органиченный',
@@ -29,9 +28,7 @@ Dict::Add('RU RU', 'Russian', 'Русский', array(
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Password cannot be changed by the user.~~',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Дата изменения пароля',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Когда пароль был изменен в последний раз',
-
 	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Пароль должен содержать не менее 8 символов и включать прописные, строчные, числовые и специальные символы.',
-
 	'UserLocal:password:expiration' => 'Поля требуют наличия доп. расширения',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User~~',
 ));