* [ADD] New notices feature that query if there are security or warnings about sysPass (only enabled for app admin users)

nuxsmin
2015-08-06 02:36:58 +02:00
parent 41835698c8
commit 215b216ee6
17 changed files with 541 additions and 382 deletions


@@ -68,6 +68,7 @@ if ($actionId === SP\Controller\ActionsInterface::ACTION_CFG_GENERAL
$debugEnabled = SP\Request::analyze('debug', false, false, true);
$maintenanceEnabled = SP\Request::analyze('maintenance', false, false, true);
$checkUpdatesEnabled = SP\Request::analyze('updates', false, false, true);
$checkNoticesEnabled = SP\Request::analyze('notices', false, false, true);
SP\Config::setValue('sitelang', $siteLang);
SP\Config::setValue('sitetheme', $siteTheme);
@@ -76,6 +77,7 @@ if ($actionId === SP\Controller\ActionsInterface::ACTION_CFG_GENERAL
SP\Config::setValue('debug', $debugEnabled);
SP\Config::setValue('maintenance', $maintenanceEnabled);
SP\Config::setValue('checkupdates', $checkUpdatesEnabled);
SP\Config::setValue('checknotices', $checkNoticesEnabled);
// Accounts
$globalSearchEnabled = SP\Request::analyze('globalsearch', false, false, true);


@@ -290,14 +290,19 @@ class Config
*/
public static function setDefaultValues()
{
self::setValue('log_enabled', 1);
self::setValue('debug', 0);
self::setValue('ldap_enabled', 0);
self::setValue('mail_enabled', 0);
self::setValue('wiki_enabled', 0);
self::setValue('demo_enabled', 0);
self::setValue('files_enabled', 1);
self::setValue('checkupdates', 1);
self::setValue('debug', false);
self::setValue('log_enabled', true);
self::setValue('ldap_enabled', false);
self::setValue('mail_enabled', false);
self::setValue('wiki_enabled', false);
self::setValue('demo_enabled', false);
self::setValue('files_enabled', true);
self::setValue('proxy_enabled', false);
self::setValue('checkupdates', true);
self::setValue('checknotices', true);
self::setValue('globalsearch', false);
self::setValue('account_passtoimage', false);
self::setValue('resultsascards', false);
self::setValue('files_allowed_exts', 'PDF,JPG,GIF,PNG,ODT,ODS,DOC,DOCX,XLS,XSL,VSD,TXT,CSV,BAK');
self::setValue('files_allowed_size', 1024);
self::setValue('wiki_searchurl', '');
@@ -313,6 +318,11 @@ class Config
self::setValue('session_timeout', '300');
self::setValue('account_link', 1);
self::setValue('account_count', 12);
self::setValue('sitetheme', 'material-blue');
self::setValue('proxy_server', '');
self::setValue('proxy_port', '');
self::setValue('proxy_user', '');
self::setValue('proxy_pass', '');
}
/**
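Review bot: `proxy_pass` is added here as an ordinary config value next to `proxy_server` and `proxy_user`, and nothing in the hunk shows it being handled differently from non-secret settings. If `Config::setValue` persists values as plain text (not visible here), the proxy credential is readable by anyone who can read the config store and may end up in config exports or backups. Worth confirming, and if so documenting it where the default is set, e.g. `// proxy_pass is stored unencrypted; use a dedicated low-privilege proxy account`.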


@@ -134,7 +134,6 @@ class Util
*/
public static function checkModules()
{
// $modsAvail = array_map('strtolower', get_loaded_extensions());
$modsNeed = array(
'ldap',
'mcrypt',
@@ -148,7 +147,8 @@ class Util
'gettext',
'openssl',
'pcre',
'session'
'session',
'gd'
);
$error = array();
@@ -156,7 +156,7 @@ class Util
if (!extension_loaded($module)) {
$error[] = array(
'type' => SPException::SP_WARNING,
'description' => _('Módulo no disponible') . " ($module)",
'description' => sprintf('%s (%s)', _('Módulo no disponible'), $module),
'hint' => _('Sin este módulo la aplicación puede no funcionar correctamente.')
);
}
@@ -216,72 +216,86 @@ class Util
}
$githubUrl = 'https://api.github.com/repos/nuxsmin/sysPass/releases/latest';
$ch = curl_init($githubUrl);
if (Config::getValue('proxy_enabled')){
curl_setopt($ch, CURLOPT_PROXY, Config::getValue('proxy_server'));
curl_setopt($ch, CURLOPT_PROXYPORT, Config::getValue('proxy_port'));
curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
$data = self::getDataFromUrl($githubUrl);
$proxyUser = Config::getValue('proxy_user');
if ($data) {
$updateInfo = json_decode($data);
if ($proxyUser) {
$proxyAuth = $proxyUser . ':' . Config::getValue('proxy_pass');
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyAuth);
}
}
// $updateInfo[0]->tag_name
// $updateInfo[0]->name
// $updateInfo[0]->body
// $updateInfo[0]->tarball_url
// $updateInfo[0]->zipball_url
// $updateInfo[0]->published_at
// $updateInfo[0]->html_url
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_USERAGENT, "sysPass App Updater");
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($ch, CURLOPT_TIMEOUT, 60);
$version = $updateInfo->tag_name;
$url = $updateInfo->html_url;
$title = $updateInfo->name;
$description = $updateInfo->body;
$date = $updateInfo->published_at;
$data = curl_exec($ch);
preg_match("/v?(\d+)\.(\d+)\.(\d+)\.(\d+)(\-[a-z0-9.]+)?$/", $version, $realVer);
if ($data === false) {
Log::writeNewLog(__FUNCTION__, curl_error($ch));
if (is_array($realVer) && Init::isLoggedIn()) {
$appVersion = implode('', self::getVersion(true));
$pubVersion = $realVer[1] . $realVer[2] . $realVer[3] . $realVer[4];
return false;
}
curl_close($ch);
$updateInfo = json_decode($data);
// $updateInfo[0]->tag_name
// $updateInfo[0]->name
// $updateInfo[0]->body
// $updateInfo[0]->tarball_url
// $updateInfo[0]->zipball_url
// $updateInfo[0]->published_at
// $updateInfo[0]->html_url
$version = $updateInfo->tag_name;
$url = $updateInfo->html_url;
$title = $updateInfo->name;
$description = $updateInfo->body;
$date = $updateInfo->published_at;
preg_match("/v?(\d+)\.(\d+)\.(\d+)\.(\d+)(\-[a-z0-9.]+)?$/", $version, $realVer);
if (is_array($realVer) && Init::isLoggedIn()) {
$appVersion = implode('', self::getVersion(true));
$pubVersion = $realVer[1] . $realVer[2] . $realVer[3] . $realVer[4];
if ($pubVersion > $appVersion) {
return array(
'version' => $version,
'url' => $url,
'title' => $title,
'description' => $description,
'date' => $date);
if ($pubVersion > $appVersion) {
return array(
'version' => $version,
'url' => $url,
'title' => $title,
'description' => $description,
'date' => $date);
} else {
return true;
}
} else {
return true;
return false;
}
} else {
}
return false;
}
/**
* Comprobar si hay notificaciones de sysPass disponibles desde internet (github.com)
* Esta función hace una petición a GitHub y parsea el JSON devuelto
*
* @return array|bool
*/
public static function checkNotices()
{
if (!Config::getValue('checknotices')) {
return false;
}
$githubUrl = 'https://api.github.com/repos/nuxsmin/sysPass/issues?milestone=none&state=open&labels=Notices';
$data = self::getDataFromUrl($githubUrl);
if ($data) {
$noticesData = json_decode($data);
$notices = array();
// $noticesData[0]->title
// $noticesData[0]->body
// $noticesData[0]->created_at
foreach ($noticesData as $notice) {
$notices[] = array(
$notice->title,
// $notice->body,
$notice->created_at
);
}
return $notices;
}
return false;
}
/**
@@ -684,10 +698,33 @@ class Util
return $appinfo;
}
/**
* Obtener datos desde una URL
*
* @param $url string La URL
* @return bool|string
*/
private static function getDataFromUrl($url)
{
if (!self::curlIsAvailable() || !Config::getValue('checkupdates')) {
return false;
}
$ch = curl_init($url);
if (Config::getValue('proxy_enabled')){
curl_setopt($ch, CURLOPT_PROXY, Config::getValue('proxy_server'));
curl_setopt($ch, CURLOPT_PROXYPORT, Config::getValue('proxy_port'));
curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
$proxyUser = Config::getValue('proxy_user');
if ($proxyUser) {
$proxyAuth = $proxyUser . ':' . Config::getValue('proxy_pass');
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyAuth);
}
}
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_USERAGENT, "sysPass-App");
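Review bot: `checkNotices()` iterates `json_decode($data)` without checking what was decoded, so a non-list response (an API error object, or `null` on malformed JSON) reaches the `foreach` and the `$notice->title` / `$notice->created_at` reads. A guard such as `if (!is_array($noticesData)) { return false; }` before the loop keeps the return value to the documented `array|bool`. `checkUpdates()` has the same gap: it reads `$updateInfo->tag_name` and `$realVer[1]` without confirming that the decode or the `preg_match` succeeded, and `is_array($realVer)` is true even when nothing matched. Also, `getDataFromUrl()` returns false whenever `checkupdates` is off, so disabling update checks silently disables security notices even with `checknotices` enabled; that flag test probably belongs in `checkUpdates()` rather than in the shared helper. `getDataFromUrl()` continues past the end of the hunk.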

File diff suppressed because it is too large Load Diff


@@ -101,6 +101,22 @@
class="checkbox" <?php echo $chkUpdates, ' ', $isDisabled; ?> />
</td>
</tr>
<tr>
<td class="descField">
<?php echo _('Comprobar notificaciones'); ?>
<img src="imgs/help.png" title="" class="inputImgMini help-tooltip" />
<div class="tooltip" for="help-notices" style="display: none;">
<p>
<?php echo _('Comprobar si existen notificaciones de seguridad o avisos de sysPass (sólo para los usuarios administradores).'); ?>
</p>
</div>
</td>
<td class="valField">
<label for="notices"><?php echo ($chkUpdates) ? 'SI' : 'NO'; ?></label>
<input type="checkbox" name="notices" id="notices"
class="checkbox" <?php echo $chkNotices, ' ', $isDisabled; ?> />
</td>
</tr>
<tr>
<td class="descField">
<?php echo _('Nombre de cuenta como enlace'); ?>
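Review bot: The new row's label tests `$chkUpdates` (`<?php echo ($chkUpdates) ? 'SI' : 'NO'; ?>`), so it shows the state of the updates option rather than the notices option; it should test `$chkNotices`. The tooltip `<div>` is bound with `for="help-notices"`, but the `<img>` above it carries no `id="help-notices"`, so unless the `help-tooltip` class attaches it by position the help text may never be shown.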


@@ -1207,6 +1207,8 @@ footer #updates {
padding-left: 20px;
}
footer #updates div {display: inline-block; margin: 0 .5em}
footer #status {
float: left;
width: 20%;


@@ -1,12 +1,27 @@
<?php if ($hasUpdates):?>
<a id="link-updates" class="active-tooltip" href="<?php echo $url; ?>" target="_blank" title="<?php echo $description; ?>">
<?php echo $title; ?>
&nbsp;&nbsp;
<div id="help-hasupdates" class="icon material-icons fg-blue40">cloud_download</div>
</a>
<?php elseif ($status === true):?>
<div class="icon material-icons fg-green40 active-tooltip" title="<?php echo _('Actualizado'); ?>">check_circle</div>
<?php elseif ($status === false): ?>
<div class="icon material-icons fg-orange40 active-tooltip" title="<?php echo _('Error al comprobar actualizaciones'); ?>">warning</div>
<?php endif; ?>
<div>
<?php if (!empty($noticesTitle)): ?>
<a href="https://github.com/nuxsmin/sysPass/labels/Notices" target="_blank"
class="active-tooltip" title="<?php echo $noticesTitle; ?>">
<i class="material-icons fg-orange40">feedback</i>
</a>
<?php endif; ?>
</div>
<div>
<?php if ($hasUpdates): ?>
<a id="link-updates" class="active-tooltip" href="<?php echo $url; ?>" target="_blank"
title="<?php echo $description; ?>">
<?php echo $title; ?>
&nbsp;&nbsp;
<div id="help-hasupdates" class="icon material-icons fg-blue40">cloud_download</div>
</a>
<?php elseif ($status === true): ?>
<div class="icon material-icons fg-green40 active-tooltip" title="<?php echo _('Actualizado'); ?>">
check_circle
</div>
<?php elseif ($status === false): ?>
<div class="icon material-icons fg-orange40 active-tooltip"
title="<?php echo _('Error al comprobar actualizaciones'); ?>">warning
</div>
<?php endif; ?>
</div>
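Review bot: `$noticesTitle` is echoed raw into a `title` attribute, and the controller builds it from issue titles fetched from GitHub (`sprintf('%s <br>', $notice[0])` in `getCheckUpdates()`), so remote text lands unescaped in a page rendered for app admins. The same applies to `$url`, `$title` and `$description` from the release data in the block below, and to the second copy of this template later in the commit, which also echoes `$numNotices` into `data-badge`. Escape each remote string where it is built or printed, e.g. `htmlspecialchars($notice[0], ENT_QUOTES, 'UTF-8')`, and keep the `<br>` separators as the only markup the application adds. If the tooltip script renders `title` content as HTML (the `<br>` suggests it does), the escaping has to hold for that step too, not only for the attribute.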


@@ -18,7 +18,7 @@
<td class="descField">
<?php echo _('Clave (repetir)'); ?></td>
<td class="valField">
<input type="password" id="fancypassR" name="passv" title="<?php echo _('Clave (repetir)'); ?>"
<input type="password" id="fancypassR" name="passR" title="<?php echo _('Clave (repetir)'); ?>"
class="txtpassv"/>
</td>
</tr>


@@ -115,6 +115,24 @@
</label>
</td>
</tr>
<tr>
<td class="descField">
<?php echo _('Comprobar notificaciones'); ?>
<div id="help-notices" class="icon material-icons fg-blue80">help_outline</div>
<div class="mdl-tooltip mdl-tooltip--large" for="help-notices">
<p>
<?php echo _('Comprobar si existen notificaciones de seguridad o avisos de sysPass (sólo para los usuarios administradores).'); ?>
</p>
</div>
</td>
<td class="valField">
<label class="mdl-switch mdl-js-switch mdl-js-ripple-effect" for="notices">
<input type="checkbox" id="notices" class="mdl-switch__input fg-blue100" name="notices"
<?php echo $chkNotices, ' ', $isDisabled; ?>/>
<span class="mdl-switch__label"></span>
</label>
</td>
</tr>
</table>
<div id="title" class="midroundup titleNormal">


@@ -1154,6 +1154,8 @@ footer #updates {
cursor: pointer;
}
footer #updates div {display: inline-block; margin: 0 .5em}
footer #status {
float: right;
text-align: right;


@@ -16,7 +16,8 @@
</p>
<ul>
<li>:user [login] &gt; <?php echo _('Buscar cuentas a las que \'login\' tenga acceso'); ?></li>
<li>:group [group_name] &gt; <?php echo _('Buscar cuentas a las que \'group_name\' tenga acceso'); ?></li>
<li>:group [file_name] &gt; <?php echo _('Buscar cuentas a las que \'group_name\' tenga acceso'); ?></li>
<li>:file [file_name] &gt; <?php echo _('Buscar cuentas con archivos con el nombre \'file_name\''); ?></li>
</ul>
</div>
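Review bot: The `:group` entry appears to have been changed to `:group [file_name]` while its description still refers to 'group_name'. If that is the new side, it looks like a copy-paste slip from the `:file [file_name]` line added below it, and the placeholder should stay `[group_name]`.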


@@ -1,12 +1,26 @@
<?php if ($hasUpdates):?>
<a id="link-updates" class="active-tooltip" href="<?php echo $url; ?>" target="_blank" title="<?php echo $description; ?>">
<?php echo $title; ?>
&nbsp;&nbsp;
<div id="help-hasupdates" class="icon material-icons fg-blue40">cloud_download</div>
</a>
<?php elseif ($status === true):?>
<div class="icon material-icons fg-green40" title="<?php echo _('Actualizado'); ?>">check_circle</div>
<?php elseif ($status === false): ?>
<div class="icon material-icons fg-orange40" title="<?php echo _('Error al comprobar actualizaciones'); ?>">warning</div>
<?php endif; ?>
<div>
<?php if (!empty($noticesTitle)): ?>
<a href="https://github.com/nuxsmin/sysPass/labels/Notices" target="_blank"
class="mdl-badge active-tooltip" data-badge="<?php echo $numNotices; ?>"
title="<?php echo $noticesTitle; ?>">
<i class="material-icons fg-orange40">feedback</i>
</a>
<?php endif; ?>
</div>
<div>
<?php if ($hasUpdates): ?>
<a id="link-updates" class="active-tooltip" href="<?php echo $url; ?>" target="_blank"
title="<?php echo $description; ?>">
<?php echo $title; ?>
&nbsp;&nbsp;
<div id="help-hasupdates" class="icon material-icons fg-blue40">cloud_download</div>
</a>
<?php elseif ($status === true): ?>
<div class="icon material-icons fg-green40" title="<?php echo _('Actualizado'); ?>">check_circle</div>
<?php elseif ($status === false): ?>
<div class="icon material-icons fg-orange40" title="<?php echo _('Error al comprobar actualizaciones'); ?>">
warning
</div>
<?php endif; ?>
</div>


@@ -99,7 +99,7 @@
<td class="descField"><?php echo _('Clave (repetir)'); ?></td>
<td class="valField">
<div class="mdl-textfield mdl-js-textfield mdl-textfield--floating-label">
<input id="userpassR" name="passv" type="password" required class="mdl-textfield__input fg-blue100"
<input id="userpassR" name="passR" type="password" required class="mdl-textfield__input fg-blue100"
maxlength="50">
<label class="mdl-textfield__label"
for="userpassR"><?php echo _('Clave (repetir)'); ?></label>


@@ -8,7 +8,7 @@
<td class="descField"><?php echo _('Clave'); ?></td>
<td class="valField">
<div class="mdl-textfield mdl-js-textfield mdl-textfield--floating-label">
<input id="userpass" name="pass" type="password" required class="mdl-textfield__input fg-blue100 passwordfield__input"
<input id="fancypass" name="pass" type="password" required class="mdl-textfield__input fg-blue100 passwordfield__input"
maxlength="50">
<label class="mdl-textfield__label" for="userpass"><?php echo _('Clave'); ?></label>
</div>
@@ -19,7 +19,7 @@
<td class="descField"><?php echo _('Clave (repetir)'); ?></td>
<td class="valField">
<div class="mdl-textfield mdl-js-textfield mdl-textfield--floating-label">
<input id="userpassR" name="passR" type="password" required class="mdl-textfield__input fg-blue100"
<input id="fancypassR" name="passR" type="password" required class="mdl-textfield__input fg-blue100"
maxlength="50">
<label class="mdl-textfield__label"
for="userpassR"><?php echo _('Clave (repetir)'); ?></label>
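Review bot: The inputs appear to be renamed to `id="fancypass"` and `id="fancypassR"`, but the labels in the same hunks still say `for="userpass"` and `for="userpassR"`, so they no longer point at any element. Update them to `for="fancypass"` and `for="fancypassR"` so the label click target and the assistive-technology association keep working.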


@@ -94,6 +94,7 @@ class ConfigC extends Controller implements ActionsInterface
$this->view->assign('chkDebug', (\SP\Config::getValue('debug')) ? 'checked="checked"' : '');
$this->view->assign('chkMaintenance', (\SP\Config::getValue('maintenance')) ? 'checked="checked"' : '');
$this->view->assign('chkUpdates', (\SP\Config::getValue('checkupdates')) ? 'checked="checked"' : '');
$this->view->assign('chkNotices', (\SP\Config::getValue('checknotices')) ? 'checked="checked"' : '');
$this->view->assign('sessionTimeout', \SP\Config::getValue('session_timeout'));
// Files


@@ -99,7 +99,11 @@ class MainC extends Controller implements ActionsInterface
*/
public function getMain()
{
$onLoad = array('doAction(' . self::ACTION_ACC_SEARCH . ')', 'checkUpds()');
$onLoad = array('doAction(' . self::ACTION_ACC_SEARCH . ')');
if(Session::getUserIsAdminApp()){
$onLoad[] = 'checkUpds()';
}
$this->view->assign('onLoad', implode(';', $onLoad));
@@ -342,14 +346,7 @@ class MainC extends Controller implements ActionsInterface
*/
public function getCheckUpdates()
{
// Comprobar una vez por sesión
// if (!\SP\Session::getUpdated()) {
$updates = \SP\Util::checkUpdates();
// \SP\Session::setUpdated(true);
// }
// Forzar la escritura de la sesión
// session_write_close();
$updates = \SP\Util::checkUpdates();
$this->view->addTemplate('update');
@@ -366,5 +363,21 @@ class MainC extends Controller implements ActionsInterface
$this->view->assign('status', $updates);
}
$notices = \SP\Util::checkNotices();
$numNotices = count($notices);
$noticesTitle = '';
if ($notices !== false && $numNotices > 0){
$noticesTitle = 'sysPass Notices<br><br>';
foreach ($notices as $notice){
$noticesTitle .= sprintf('%s <br>', $notice[0]);
}
}
$this->view->assign('numNotices', $numNotices);
$this->view->assign('noticesTitle', $noticesTitle);
}
}
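Review bot: The admin restriction is applied only where `getMain()` decides whether to add `checkUpds()` to the page's `onLoad` list; `getCheckUpdates()` itself, as far as the hunks show, calls `Util::checkUpdates()` and `Util::checkNotices()` without testing `Session::getUserIsAdminApp()`. Unless the request dispatcher enforces it (not visible here), a logged-in non-admin who requests that action directly still makes the server perform the outbound GitHub calls, so the check belongs in `getCheckUpdates()` as well. Separately, `count($notices)` runs before the `$notices !== false` test, so a failed or disabled check yields a non-zero `numNotices` on PHP versions where `count(false)` returns 1 and an error on versions that reject non-countable arguments; `$numNotices = is_array($notices) ? count($notices) : 0;` avoids both.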