Mirrors/sysPass
2
0
Fork 0
mirror of https://github.com/nuxsmin/sysPass.git synced 2026-03-04 07:34:09 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1 from nuxsmin/3.0

Browse Source 
Update to latest 3.0
This commit is contained in:
Orsiris de Jong
2018-11-27 11:31:52 +01:00
committed by GitHub
parent 13e12baaf0 8cdceed192
commit 712b0c7ebc
45 changed files with 4555 additions and 5648 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
app/locales/da/LC_MESSAGES/messages.mo
View File

Binary file not shown.

2402
app/locales/da/LC_MESSAGES/messages.po
View File

File diff suppressed because it is too large Load Diff

BIN
app/locales/de_DE/LC_MESSAGES/messages.mo
View File

Binary file not shown.

2546
app/locales/de_DE/LC_MESSAGES/messages.po
View File

File diff suppressed because it is too large Load Diff

BIN
app/locales/en_US/LC_MESSAGES/messages.mo
View File

Binary file not shown.

958
app/locales/en_US/LC_MESSAGES/messages.po
View File

File diff suppressed because it is too large Load Diff

BIN
app/locales/es_ES/LC_MESSAGES/messages.mo
View File

Binary file not shown.

1161
app/locales/es_ES/LC_MESSAGES/messages.po
View File

File diff suppressed because it is too large Load Diff

BIN
app/locales/it_IT/LC_MESSAGES/messages.mo
View File

Binary file not shown.

2438
app/locales/it_IT/LC_MESSAGES/messages.po
View File

File diff suppressed because it is too large Load Diff

5
app/modules/web/Controllers/ConfigLdapController.php
View File

@@ -35,6 +35,7 @@ use SP\Http\JsonResponse;
use SP\Modules\Web\Controllers\Traits\ConfigTrait;
use SP\Mvc\View\Template;
use SP\Providers\Auth\Ldap\LdapParams;
use SP\Providers\Auth\Ldap\LdapTypeInterface;
use SP\Services\Ldap\LdapCheckService;
use SP\Services\Ldap\LdapImportParams;
use SP\Services\Ldap\LdapImportService;
@@ -73,7 +74,7 @@ final class ConfigLdapController extends SimpleControllerBase
if ($ldapEnabled) {
$configData->setLdapEnabled(true);
$configData->setLdapAds($ldapParams->isAds());
$configData->setLdapType($ldapParams->getType());
$configData->setLdapTlsEnabled($ldapParams->isTlsEnabled());
$configData->setLdapServer($ldapParams->getServer());
$configData->setLdapBase($ldapParams->getSearchBase());
@@ -128,7 +129,7 @@ final class ConfigLdapController extends SimpleControllerBase
->setGroup($this->request->analyzeString('ldap_group'))
->setBindDn($this->request->analyzeString('ldap_binduser'))
->setBindPass($this->request->analyzeEncrypted('ldap_bindpass'))
->setAds($this->request->analyzeBool('ldap_ads_enabled', false))
->setType($this->request->analyzeInt('ldap_server_type', LdapTypeInterface::LDAP_STD))
->setTlsEnabled($this->request->analyzeBool('ldap_tls_enabled', false));
}

2
app/modules/web/Controllers/ConfigMailController.php
View File

@@ -84,7 +84,7 @@ final class ConfigMailController extends SimpleControllerBase
$configData->setMailRecipients($mailRecipients);
$configData->setMailEvents($this->request->analyzeArray('mail_events', function ($items) {
return ConfigUtil::eventsAdapter($items);
}));
}, []));
if ($mailAuth) {
$configData->setMailAuthenabled($mailAuth);

9
app/modules/web/Controllers/ConfigManagerController.php
View File

@@ -34,6 +34,7 @@ use SP\Modules\Web\Controllers\Helpers\TabsHelper;
use SP\Mvc\View\Components\DataTab;
use SP\Mvc\View\Components\SelectItemAdapter;
use SP\Plugin\PluginManager;
use SP\Providers\Auth\Ldap\LdapTypeInterface;
use SP\Providers\Log\LogInterface;
use SP\Providers\Mail\MailHandler;
use SP\Services\Account\AccountService;
@@ -222,6 +223,14 @@ final class ConfigManagerController extends ControllerBase
$template->assign('userGroups', SelectItemAdapter::factory(UserGroupService::getItemsBasic())->getItemsFromModel());
$template->assign('userProfiles', SelectItemAdapter::factory(UserProfileService::getItemsBasic())->getItemsFromModel());
$serverTypes = [
LdapTypeInterface::LDAP_STD => 'Standard',
LdapTypeInterface::LDAP_ADS => 'Active Directory',
LdapTypeInterface::LDAP_AZURE => 'Azure Active Directory',
];
$template->assign('serverTypes', SelectItemAdapter::factory($serverTypes)->getItemsFromArraySelected([$this->configData->getLdapType()]));
return new DataTab(__('LDAP'), $template);
}

4
app/modules/web/Controllers/Helpers/Grid/PublicLinkGrid.php
View File

@@ -129,7 +129,9 @@ final class PublicLinkGrid extends GridBase
$gridData->addDataRowSource('getDateAddFormat', true);
$gridData->addDataRowSource('getDateExpireFormat', true);
$gridData->addDataRowSource('userLogin');
$gridData->addDataRowSource('getNotifyString', true);
$gridData->addDataRowSource('notify', false, function ($value) {
return $value ? __('ON') : __('OFF');
});
$gridData->addDataRowSource('getCountViewsString', true);
$gridData->setData($this->queryResult);

2
app/modules/web/themes/material-blue/views/config/accounts.inc
View File

@@ -253,7 +253,7 @@
maxlength="5"
value="<?php echo $configData->getPublinksMaxTime() / 60; ?>"/>
<label class="mdl-textfield__label"
for="publiclinks_maxtime"><?php echo __('Expire time'); ?></label>
for="publiclinks_maxtime"><?php echo __('Expire time (minutes)'); ?></label>
</div>
</td>
</tr>

43
app/modules/web/themes/material-blue/views/config/ldap.inc
View File

@@ -52,23 +52,6 @@
</span>
</li>
<li class="mdl-list__item mdl-list__item--two-line">
<div class="mdl-switch__box">
<label class="mdl-switch mdl-js-switch mdl-js-ripple-effect" for="ldap_ads_enabled">
<input type="checkbox" id="ldap_ads_enabled"
class="mdl-switch__input"
name="ldap_ads_enabled" <?php echo $configData->isLdapAds() ? 'checked' : ''; ?>/>
</label>
</div>
<span class="mdl-list__item-primary-content">
<span><?php echo __('Active Directory'); ?></span>
<span class="mdl-list__item-sub-title">
<?php echo __('Enables Active Directory LDAP connection mode.'); ?>
</span>
</span>
</li>
<li class="mdl-list__item mdl-list__item--two-line">
<div class="mdl-switch__box">
<label class="mdl-switch mdl-js-switch mdl-js-ripple-effect" for="ldap_tls_enabled">
@@ -89,6 +72,22 @@
</ul>
</td>
</tr>
<tr>
<td class="descField"><?php echo __('Server Type'); ?></td>
<td class="valField">
<div class="lowres-title"><?php echo __('Server Type'); ?></div>
<select id="ldap_defaultgroup" name="ldap_server_type"
class="select-box sel-chosen-usergroup" required>
<option value=""><?php echo __('Server Type'); ?></option>
<?php /** @var \SP\Mvc\View\Components\SelectItem $serverType */
foreach ($_getvar('serverTypes') as $serverType): ?>
<option
value="<?php echo $serverType->getId(); ?>" <?php echo $serverType->isSelected() ? 'selected' : ''; ?>><?php echo $serverType->getName(); ?></option>
<?php endforeach; ?>
</select>
</td>
</tr>
<tr>
<td class="descField">
<?php echo __('Server'); ?>
@@ -168,7 +167,17 @@
maxlength="128" value="<?php echo $configData->getLdapBindPass() ? '***' : ''; ?>"/>
<label class="mdl-textfield__label"
for="ldap_bindpass"><?php echo __('Password'); ?></label>
</div>
<?php if ($configData->getLdapBindPass()): ?>
<div id="help-ldap_password"
class="icon material-icons <?php echo $icons->getIconWarning()->getClass(); ?>"><?php echo $icons->getIconWarning()->getIcon(); ?></div>
<div class="mdl-tooltip mdl-tooltip--large" for="help-ldap_password">
<p>
<?php echo __('This isn\'t the real LDAP password. You should set the real one before checking or importing LDAP objects'); ?>
</p>
</div>
<?php endif; ?>
</td>
</tr>
<tr>

2
app/modules/web/themes/material-blue/views/usersettings/general.inc
View File

@@ -123,7 +123,7 @@ $userPreferences = $_getvar('userPreferences');
<span class="mdl-list__item-primary-content">
<span><?php echo __('Navigation bar on top'); ?></span>
<span class="mdl-list__item-sub-title">
<?php echo __('Dysplays a navigation bar on top of the search results.'); ?>
<?php echo __('Displays a navigation bar on top of the search results.'); ?>
</span>
</span>
</li>

2
lib/SP/Config/Config.php
View File

@@ -187,7 +187,7 @@ final class Config
}
$configData->setConfigDate(time());
$configData->setConfigSaver($this->context->getUserData()->getLogin());
$configData->setConfigSaver($this->context->getUserData()->getLogin() ?: 'sysPass');
$configData->setConfigHash();
$this->fileStorage->save($configData, 'config');

20
lib/SP/Config/ConfigData.php
View File

@@ -201,6 +201,10 @@ final class ConfigData implements JsonSerializable
* @var bool
*/
private $ldapAds = false;
/**
* @var int
*/
private $ldapType;
/**
* @var string
*/
@@ -2149,4 +2153,20 @@ final class ConfigData implements JsonSerializable
{
$this->filesAllowedMime = $filesAllowedMime;
}
/**
* @return int
*/
public function getLdapType()
{
return (int)$this->ldapType;
}
/**
* @param int $ldapType
*/
public function setLdapType(int $ldapType)
{
$this->ldapType = $ldapType;
}
}

8
lib/SP/DataModel/PublicLinkListData.php
View File

@@ -80,14 +80,6 @@ class PublicLinkListData extends PublicLinkData
return $this->accountName;
}
/**
* @return string
*/
public function getNotifyString()
{
return $this->isNotify() ? __u('ON') : __u('OFF');
}
/**
* @return false|string
*/

62
lib/SP/Providers/Auth/AuthProvider.php
View File

@@ -31,12 +31,11 @@ use SP\Providers\Auth\Browser\Browser;
use SP\Providers\Auth\Browser\BrowserAuthData;
use SP\Providers\Auth\Database\Database;
use SP\Providers\Auth\Database\DatabaseAuthData;
use SP\Providers\Auth\Ldap\Ldap;
use SP\Providers\Auth\Ldap\LdapAuth;
use SP\Providers\Auth\Ldap\LdapAuthData;
use SP\Providers\Auth\Ldap\LdapConnection;
use SP\Providers\Auth\Ldap\LdapMsAds;
use SP\Providers\Auth\Ldap\LdapException;
use SP\Providers\Auth\Ldap\LdapParams;
use SP\Providers\Auth\Ldap\LdapStd;
use SP\Providers\Provider;
use SP\Services\Auth\AuthException;
@@ -77,6 +76,10 @@ final class AuthProvider extends Provider
*
* @param UserLoginData $userLoginData
*
* @uses authLdap
* @uses authDatabase
* @uses authBrowser
*
* @return false|AuthResult[]
*/
public function doAuth(UserLoginData $userLoginData)
@@ -101,33 +104,12 @@ final class AuthProvider extends Provider
* Autentificación de usuarios con LDAP.
*
* @return bool|LdapAuthData
* @throws Ldap\LdapException
* @throws AuthException
* @throws LdapException
*/
public function authLdap()
{
$data = LdapParams::getServerAndPort($this->configData->getLdapServer());
$ldapParams = (new LdapParams())
->setServer($data['server'])
->setPort(isset($data['port']) ? $data['port'] : 389)
->setSearchBase($this->configData->getLdapBase())
->setGroup($this->configData->getLdapGroup())
->setBindDn($this->configData->getLdapBindUser())
->setBindPass($this->configData->getLdapBindPass())
->setAds($this->configData->isLdapAds());
$ldapConnection = new LdapConnection($ldapParams, $this->eventDispatcher, $this->configData->isDebug());
if ($this->configData->isLdapAds()) {
$ldap = new LdapAuth(
new LdapMsAds($ldapConnection, $this->eventDispatcher),
$this->eventDispatcher);
} else {
$ldap = new LdapAuth(
new LdapStd($ldapConnection, $this->eventDispatcher),
$this->eventDispatcher);
}
$ldap = $this->getLdapAuth();
$ldapAuthData = $ldap->getLdapAuthData();
$ldapAuthData->setAuthenticated($ldap->authenticate($this->userLoginData));
@@ -144,6 +126,32 @@ final class AuthProvider extends Provider
return $ldapAuthData;
}
/**
* @return LdapAuth
* @throws LdapException
*/
private function getLdapAuth()
{
$data = LdapParams::getServerAndPort($this->configData->getLdapServer());
$ldapParams = (new LdapParams())
->setServer($data['server'])
->setPort(isset($data['port']) ? $data['port'] : 389)
->setSearchBase($this->configData->getLdapBase())
->setGroup($this->configData->getLdapGroup())
->setBindDn($this->configData->getLdapBindUser())
->setBindPass($this->configData->getLdapBindPass())
->setType($this->configData->getLdapType());
return new LdapAuth(
Ldap::factory(
$ldapParams,
$this->eventDispatcher,
$this->configData->isDebug()),
$this->eventDispatcher
);
}
/**
* Autentificación de usuarios con base de datos
*

34
lib/SP/Providers/Auth/Ldap/Ldap.php
View File

@@ -82,6 +82,34 @@ abstract class Ldap implements LdapInterface
*/
protected abstract function pickServer();
/**
* @param LdapParams $ldapParams
* @param EventDispatcher $eventDispatcher
* @param bool $debug
*
* @return LdapInterface
* @throws LdapException
*/
public static function factory(LdapParams $ldapParams, EventDispatcher $eventDispatcher, bool $debug)
{
$ldapConnection = new LdapConnection($ldapParams, $eventDispatcher, $debug);
$ldapConnection->checkConnection();
switch ($ldapParams->getType()) {
case LdapTypeInterface::LDAP_STD:
return new LdapStd($ldapConnection, $eventDispatcher);
break;
case LdapTypeInterface::LDAP_ADS:
return new LdapMsAds($ldapConnection, $eventDispatcher);
break;
case LdapTypeInterface::LDAP_AZURE;
return new LdapMsAzureAd($ldapConnection, $eventDispatcher);
break;
}
throw new LdapException(__u('LDAP type not set'));
}
/**
* @return LdapActions
*/
@@ -125,7 +153,7 @@ abstract class Ldap implements LdapInterface
*/
protected function getGroupFromParams(): string
{
if (strpos($this->ldapParams->getGroup(), 'cn') === 0) {
if (stripos($this->ldapParams->getGroup(), 'cn') === 0) {
return LdapUtil::getGroupName($this->ldapParams->getGroup());
}
@@ -138,10 +166,10 @@ abstract class Ldap implements LdapInterface
*/
protected function getGroupDn(): string
{
if (strpos($this->ldapParams->getGroup(), 'cn') === 0) {
if (stripos($this->ldapParams->getGroup(), 'cn') === 0) {
return $this->ldapParams->getGroup();
}
return $this->ldapActions->searchGroupsDn($this->getGroupObjectFilter())[0];
}
}
}

4
lib/SP/Providers/Auth/Ldap/LdapActions.php
View File

@@ -144,7 +144,7 @@ final class LdapActions
*/
protected function getGroupFromParams(): string
{
if (strpos($this->ldapParams->getGroup(), 'cn') === 0) {
if (stripos($this->ldapParams->getGroup(), 'cn') === 0) {
return LdapUtil::getGroupName($this->ldapParams->getGroup());
}
@@ -271,4 +271,4 @@ final class LdapActions
return $searchResults;
}
}
}

5
lib/SP/Providers/Auth/Ldap/LdapAuth.php
View File

@@ -172,7 +172,10 @@ final class LdapAuth implements AuthInterface
$this->ldapAuthData->setInGroup(
$this->ldap->isUserInGroup(
$attributes['dn'],
(array)$attributes->get('group')));
$userLogin,
(array)$attributes->get('group')
)
);
return $this->ldapAuthData;
}

1
lib/SP/Providers/Auth/Ldap/LdapConnection.php
View File

@@ -151,6 +151,7 @@ final class LdapConnection implements LdapConnectionInterface
@ldap_set_option($this->ldapHandler, LDAP_OPT_NETWORK_TIMEOUT, self::TIMEOUT);
@ldap_set_option($this->ldapHandler, LDAP_OPT_PROTOCOL_VERSION, 3);
@ldap_set_option($this->ldapHandler, LDAP_OPT_REFERRALS, 0);
$this->isTls = $this->connectTls();

3
lib/SP/Providers/Auth/Ldap/LdapInterface.php
View File

@@ -52,11 +52,12 @@ interface LdapInterface
* Buscar al usuario en un grupo.
*
* @param string $userDn
* @param string $userLogin
* @param array $groupsDn
*
* @return bool
*/
public function isUserInGroup(string $userDn, array $groupsDn): bool;
public function isUserInGroup(string $userDn, string $userLogin, array $groupsDn): bool;
/**
* Devolver el filtro para objetos del tipo grupo

56
lib/SP/Providers/Auth/Ldap/LdapMsAds.php
View File

@@ -31,16 +31,16 @@ use SP\Http\Address;
/**
* Class LdapAds
*
* Autentificación basada en Active Directory
* LDAP authentication based on Active Directory
*
* @package SP\Auth\Ldap
*/
final class LdapMsAds extends Ldap
{
const FILTER_USER_OBJECT = '(|(objectCategory=person)(objectClass=user))';
const FILTER_USER_OBJECT = '(&(!(UserAccountControl:1.2.840.113556.1.4.804:=34))(|(objectCategory=person)(objectClass=user)))';
const FILTER_GROUP_OBJECT = '(objectCategory=group)';
const FILTER_USER_ATTRIBUTES = ['samaccountname', 'cn', 'uid', 'userPrincipalName'];
const FILTER_GROUP_ATTRIBUTES = ['memberOf', 'groupMembership', 'memberof:1.2.840.113556.1.4.1941:='];
const FILTER_GROUP_ATTRIBUTES = ['memberOf', 'groupMembership', 'memberof:1.2.840.113556.1.4.1941:'];
/**
* Devolver el filtro para comprobar la pertenecia al grupo
@@ -93,12 +93,13 @@ final class LdapMsAds extends Ldap
* Buscar al usuario en un grupo.
*
* @param string $userDn
* @param string $userLogin
* @param array $groupsDn
*
* @return bool
* @throws LdapException
*/
public function isUserInGroup(string $userDn, array $groupsDn): bool
public function isUserInGroup(string $userDn, string $userLogin, array $groupsDn): bool
{
// Comprobar si está establecido el filtro de grupo o el grupo coincide con
// los grupos del usuario
@@ -109,27 +110,27 @@ final class LdapMsAds extends Ldap
$this->eventDispatcher->notifyEvent('ldap.check.group',
new Event($this, EventMessage::factory()
->addDescription(__u('User in group verified'))
->addDetail(__u('User'), $userDn)
->addDetail(__u('User'), $userLogin)
->addDetail(__u('Group'), $this->ldapParams->getGroup())));
return true;
}
return $this->checkUserInGroupByFilter($userDn);
return $this->checkUserInGroupByFilter($userLogin);
}
/**
* @param string $userDn
* @param string $userLogin
*
* @return bool
* @throws LdapException
*/
private function checkUserInGroupByFilter(string $userDn): bool
private function checkUserInGroupByFilter(string $userLogin): bool
{
$groupDn = $this->getGroupDn();
$filter = '(&(|'
. LdapUtil::getAttributesForFilter(self::FILTER_USER_ATTRIBUTES, $userDn)
. LdapUtil::getAttributesForFilter(self::FILTER_USER_ATTRIBUTES, $userLogin)
. ')(|'
. LdapUtil::getAttributesForFilter(self::FILTER_GROUP_ATTRIBUTES, $groupDn)
. '))';
@@ -142,7 +143,7 @@ final class LdapMsAds extends Ldap
$this->eventDispatcher->notifyEvent('ldap.check.group',
new Event($this, EventMessage::factory()
->addDescription(__u('User does not belong to the group'))
->addDetail(__u('User'), $userDn)
->addDetail(__u('User'), $userLogin)
->addDetail(__u('Group'), $groupDn)
->addDetail('LDAP FILTER', $filter)));
@@ -152,25 +153,12 @@ final class LdapMsAds extends Ldap
$this->eventDispatcher->notifyEvent('ldap.check.group',
new Event($this, EventMessage::factory()
->addDescription(__u('User in group verified'))
->addDetail(__u('User'), $userDn)
->addDetail(__u('User'), $userLogin)
->addDetail(__u('Group'), $groupDn)));
return true;
}
/**
* @return bool
* @throws \SP\Core\Exceptions\SPException
*/
public function connect()
{
$handler = parent::connect();
@ldap_set_option($handler, LDAP_OPT_REFERRALS, 0);
return true;
}
/**
* Obtener el servidor de LDAP a utilizar
*
@@ -184,28 +172,22 @@ final class LdapMsAds extends Ldap
return $server;
}
$serverDomain = '';
$serverFQDN = explode('.', $server);
$dnsServerQuery = '_msdcs' . substr($server, strpos($server, '.'));
for ($i = 1; $i <= count($serverFQDN) - 1; $i++) {
$serverDomain .= $serverFQDN[$i] . '.';
}
logger(sprintf('Querying DNS zone: %s', $dnsServerQuery));
$dnsServerQuery = '_msdcs.' . $serverDomain;
$records = dns_get_record($dnsServerQuery, DNS_NS);
if (count($records) === 0) {
if (empty($records)) {
return $server;
}
$ads = [];
$adServers = [];
foreach ($records as $record) {
$ads[] = $record['target'];
$adServers[] = $record['target'];
};
$nAds = count($ads);
return $nAds > 0 ? $ads[mt_rand(0, $nAds)] : $server;
return count($adServers) > 0 ? array_rand($adServers) : $server;
}
}
}

193
lib/SP/Providers/Auth/Ldap/LdapMsAzureAd.php Normal file
View File

@@ -0,0 +1,193 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link https://syspass.org
* @copyright 2012-2018, Rubén Domínguez nuxsmin@$syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*/
namespace SP\Providers\Auth\Ldap;
use SP\Core\Events\Event;
use SP\Core\Events\EventMessage;
use SP\Http\Address;
/**
* Class LdapMsAzureAd
*
* LDAP authentication based on Azure Active Directory
*
* @package SP\Auth\Ldap
*/
final class LdapMsAzureAd extends Ldap
{
const FILTER_USER_OBJECT = '(|(objectCategory=person)(objectClass=user))';
const FILTER_GROUP_OBJECT = '(objectCategory=group)';
const FILTER_USER_ATTRIBUTES = ['samaccountname', 'cn', 'uid', 'userPrincipalName'];
const FILTER_GROUP_ATTRIBUTES = ['memberOf', 'groupMembership', 'memberof:1.2.840.113556.1.4.1941:'];
/**
* Devolver el filtro para comprobar la pertenecia al grupo
*
* @return string
* @throws \SP\Core\Exceptions\SPException
*/
public function getGroupMembershipFilter(): string
{
if (empty($this->ldapParams->getGroup())) {
return self::FILTER_USER_OBJECT;
}
return '(&(|'
. LdapUtil::getAttributesForFilter(
self::FILTER_GROUP_ATTRIBUTES,
$this->getGroupDn())
. ')'
. self::FILTER_USER_OBJECT
. ')';
}
/**
* Obtener el filtro para buscar el usuario
*
* @param string $userLogin
*
* @return string
*/
public function getUserDnFilter(string $userLogin): string
{
return '(&(|'
. LdapUtil::getAttributesForFilter(self::FILTER_USER_ATTRIBUTES, $userLogin)
. ')'
. self::FILTER_USER_OBJECT
. ')';
}
/**
* Devolver el filtro para objetos del tipo grupo
*
* @return string
*/
public function getGroupObjectFilter(): string
{
return self::FILTER_GROUP_OBJECT;
}
/**
* Buscar al usuario en un grupo.
*
* @param string $userDn
* @param string $userLogin
* @param array $groupsDn
*
* @return bool
* @throws LdapException
*/
public function isUserInGroup(string $userDn, string $userLogin, array $groupsDn): bool
{
// Comprobar si está establecido el filtro de grupo o el grupo coincide con
// los grupos del usuario
if (empty($this->ldapParams->getGroup())
|| $this->ldapParams->getGroup() === '*'
|| in_array($this->getGroupDn(), $groupsDn)
) {
$this->eventDispatcher->notifyEvent('ldap.check.group',
new Event($this, EventMessage::factory()
->addDescription(__u('User in group verified'))
->addDetail(__u('User'), $userLogin)
->addDetail(__u('Group'), $this->ldapParams->getGroup())));
return true;
}
return $this->checkUserInGroupByFilter($userLogin);
}
/**
* @param string $userLogin
*
* @return bool
* @throws LdapException
*/
private function checkUserInGroupByFilter(string $userLogin): bool
{
$groupDn = $this->getGroupDn();
$filter = '(&(|'
. LdapUtil::getAttributesForFilter(self::FILTER_USER_ATTRIBUTES, $userLogin)
. ')(|'
. LdapUtil::getAttributesForFilter(self::FILTER_GROUP_ATTRIBUTES, $groupDn)
. '))';
$searchResults = $this->ldapActions->getObjects($filter, ['dn']);
if (isset($searchResults['count'])
&& (int)$searchResults['count'] === 0
) {
$this->eventDispatcher->notifyEvent('ldap.check.group',
new Event($this, EventMessage::factory()
->addDescription(__u('User does not belong to the group'))
->addDetail(__u('User'), $userLogin)
->addDetail(__u('Group'), $groupDn)
->addDetail('LDAP FILTER', $filter)));
return false;
}
$this->eventDispatcher->notifyEvent('ldap.check.group',
new Event($this, EventMessage::factory()
->addDescription(__u('User in group verified'))
->addDetail(__u('User'), $userLogin)
->addDetail(__u('Group'), $groupDn)));
return true;
}
/**
* Obtener el servidor de LDAP a utilizar
*
* @return mixed
*/
protected function pickServer()
{
$server = $this->ldapParams->getServer();
if (preg_match(Address::PATTERN_IP_ADDRESS, $server)) {
return $server;
}
$dnsServerQuery = '_msdcs' . substr($server, strpos($server, '.'));
logger(sprintf('Querying DNS zone: %s', $dnsServerQuery));
$records = dns_get_record($dnsServerQuery, DNS_NS);
if (empty($records)) {
return $server;
}
$adServers = [];
foreach ($records as $record) {
$adServers[] = $record['target'];
};
return count($adServers) > 0 ? array_rand($adServers) : $server;
}
}

16
lib/SP/Providers/Auth/Ldap/LdapParams.php
View File

@@ -58,9 +58,9 @@ final class LdapParams
*/
protected $group;
/**
* @var bool
* @var int
*/
protected $ads = false;
protected $type;
/**
* @var bool
*/
@@ -195,21 +195,21 @@ final class LdapParams
}
/**
* @return bool
* @return int
*/
public function isAds()
public function getType()
{
return $this->ads;
return $this->type;
}
/**
* @param bool $ads
* @param int $type
*
* @return LdapParams
*/
public function setAds($ads)
public function setType($type)
{
$this->ads = (bool)$ads;
$this->type = (int)$type;
return $this;
}

18
lib/SP/Providers/Auth/Ldap/LdapStd.php
View File

@@ -30,7 +30,7 @@ use SP\Core\Events\EventMessage;
/**
* Class LdapStd
*
* Autentificación basada en LDAP estándard
* LDAP authentication based on an standard implementation
*
* @package SP\Auth\Ldap
*/
@@ -91,12 +91,13 @@ final class LdapStd extends Ldap
* Buscar al usuario en un grupo.
*
* @param string $userDn
* @param string $userLogin
* @param array $groupsDn
*
* @return bool
* @throws LdapException
*/
public function isUserInGroup(string $userDn, array $groupsDn): bool
public function isUserInGroup(string $userDn, string $userLogin, array $groupsDn): bool
{
// Comprobar si está establecido el filtro de grupo o el grupo coincide con
// los grupos del usuario
@@ -149,19 +150,6 @@ final class LdapStd extends Ldap
return true;
}
/**
* @return bool
* @throws \SP\Core\Exceptions\SPException
*/
public function connect()
{
$handler = parent::connect();
@ldap_set_option($handler, LDAP_OPT_REFERRALS, 0);
return true;
}
/**
* Obtener el servidor de LDAP a utilizar
*

38
lib/SP/Providers/Auth/Ldap/LdapTypeInterface.php Normal file
View File

@@ -0,0 +1,38 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link https://syspass.org
* @copyright 2012-2018, Rubén Domínguez nuxsmin@$syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*/
namespace SP\Providers\Auth\Ldap;
/**
* Interface LdapTypeInterface
*
* @package SP\Providers\Auth\Ldap
*/
interface LdapTypeInterface
{
const LDAP_STD = 1;
const LDAP_ADS = 2;
const LDAP_AZURE = 3;
}

12
lib/SP/Providers/Auth/Ldap/LdapUtil.php
View File

@@ -75,13 +75,13 @@ final class LdapUtil
*/
public static function getAttributesForFilter(array $attributes, $value): string
{
$out = [];
$value = ldap_escape((string)$value, null, LDAP_ESCAPE_FILTER);
foreach ($attributes as $attribute) {
$out[] = '(' . $attribute . '=' . $value . ')';
}
return implode('', $out);
return implode(
'',
array_map(function ($attribute) use ($value) {
return sprintf('(%s=%s)', $attribute, $value);
}, $attributes)
);
}
}

6
lib/SP/Services/Account/AccountCryptService.php
View File

@@ -72,7 +72,7 @@ final class AccountCryptService extends Service
);
if ($this->request->useTask()) {
$taskId = $this->request->getTask();
$taskId = $this->request->getTask()->getTaskId();
TaskFactory::update($taskId, TaskFactory::createMessage($taskId, __u('Update Master Password')));
}
@@ -212,9 +212,9 @@ final class AccountCryptService extends Service
new Event($this, EventMessage::factory()->addDescription(__u('Update Master Password (H)')))
);
$taskId = $this->request->getTask();
if ($this->request->useTask()) {
$taskId = $this->request->getTask()->getTaskId();
TaskFactory::update($taskId, TaskFactory::createMessage($taskId, __u('Update Master Password (H)')));
}

4
lib/SP/Services/Auth/LoginService.php
View File

@@ -378,6 +378,10 @@ final class LoginService extends Service
// Actualizar el último login del usuario
$this->userService->updateLastLoginById($userLoginResponse->getId());
if ($this->context->getTrasientKey('mpass_updated')) {
$userLoginResponse->setLastUpdateMPass(time());
}
// Cargar las variables de ussuario en la sesión
$this->context->setUserData($userLoginResponse);
$this->context->setUserProfile($this->dic->get(UserProfileService::class)->getById($userLoginResponse->getUserProfileId())->getProfile());

3
lib/SP/Services/Export/XmlExportService.php
View File

@@ -236,8 +236,7 @@ final class XmlExportService extends Service
$metaTime = $this->xml->createElement('Time', time());
$metaUser = $this->xml->createElement('User', $userData->getLogin());
$metaUser->setAttribute('id', $userData->getId());
// FIXME: get user group name
$metaGroup = $this->xml->createElement('Group', '');
$metaGroup = $this->xml->createElement('Group', $userData->getUserGroupName());
$metaGroup->setAttribute('id', $userData->getUserGroupId());
$nodeMeta->appendChild($metaGenerator);

9
lib/SP/Services/Import/ImportService.php
View File

@@ -34,7 +34,14 @@ defined('APP_ROOT') || die();
*/
final class ImportService extends Service
{
const ALLOWED_MIME = ['text/csv', 'application/xml', 'text/xml'];
const ALLOWED_MIME = [
'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
'application/vnd.mes-excel',
'text/plain',
'text/csv',
'application/xml',
'text/xml'
];
/**
* @var ImportParams

4
lib/SP/Services/Install/Installer.php
View File

@@ -56,8 +56,8 @@ final class Installer extends Service
* sysPass' version and build number
*/
const VERSION = [3, 0, 0];
const VERSION_TEXT = '3.0-rc4';
const BUILD = 18111902;
const VERSION_TEXT = '3.0-rc5';
const BUILD = 18112601;
/**
* @var DatabaseSetupInterface

12
lib/SP/Services/Ldap/LdapCheckService.php
View File

@@ -25,11 +25,8 @@
namespace SP\Services\Ldap;
use SP\Providers\Auth\Ldap\Ldap;
use SP\Providers\Auth\Ldap\LdapConnection;
use SP\Providers\Auth\Ldap\LdapException;
use SP\Providers\Auth\Ldap\LdapMsAds;
use SP\Providers\Auth\Ldap\LdapParams;
use SP\Providers\Auth\Ldap\LdapStd;
use SP\Services\Service;
/**
@@ -51,14 +48,7 @@ final class LdapCheckService extends Service
*/
public function checkConnection(LdapParams $ldapParams)
{
$ldapConnection = new LdapConnection($ldapParams, $this->eventDispatcher, true);
$ldapConnection->checkConnection();
if ($ldapParams->isAds()) {
$this->ldap = new LdapMsAds($ldapConnection, $this->eventDispatcher);
} else {
$this->ldap = new LdapStd($ldapConnection, $this->eventDispatcher);
}
$this->ldap = Ldap::factory($ldapParams, $this->eventDispatcher, true);
}
/**

14
lib/SP/Services/Ldap/LdapImportService.php
View File

@@ -29,11 +29,9 @@ use SP\Core\Events\EventMessage;
use SP\DataModel\UserData;
use SP\DataModel\UserGroupData;
use SP\Providers\Auth\Ldap\Ldap;
use SP\Providers\Auth\Ldap\LdapConnection;
use SP\Providers\Auth\Ldap\LdapException;
use SP\Providers\Auth\Ldap\LdapMsAds;
use SP\Providers\Auth\Ldap\LdapInterface;
use SP\Providers\Auth\Ldap\LdapParams;
use SP\Providers\Auth\Ldap\LdapStd;
use SP\Services\Service;
use SP\Services\User\UserService;
use SP\Services\UserGroup\UserGroupService;
@@ -157,18 +155,12 @@ final class LdapImportService extends Service
/**
* @param LdapParams $ldapParams
*
* @return Ldap
* @return LdapInterface
* @throws LdapException
*/
protected function getLdap(LdapParams $ldapParams)
{
$ldapConnection = new LdapConnection($ldapParams, $this->eventDispatcher, $this->config->getConfigData()->isDebug());
if ($ldapParams->isAds()) {
return new LdapMsAds($ldapConnection, $this->eventDispatcher);
} else {
return new LdapStd($ldapConnection, $this->eventDispatcher);
}
return Ldap::factory($ldapParams, $this->eventDispatcher, $this->config->getConfigData()->isDebug());
}
/**

16
lib/SP/Services/PublicLink/PublicLinkService.php
View File

@@ -152,7 +152,7 @@ final class PublicLinkService extends Service
$publicLinkData->setHash($key->getHash());
$publicLinkData->setData($this->getSecuredLinkData($publicLinkData->getItemId(), $key));
$publicLinkData->setDateExpire(self::calcDateExpire($this->config));
$publicLinkData->setCountViews($this->config->getConfigData()->getPublinksMaxViews());
$publicLinkData->setMaxCountViews($this->config->getConfigData()->getPublinksMaxViews());
return $this->publicLinkRepository->refresh($publicLinkData);
}
@@ -293,20 +293,6 @@ final class PublicLinkService extends Service
$useInfo[] = self::getUseInfo($publicLinkData->getHash(), $this->request);
$publicLinkData->setUseInfo($useInfo);
// FIXME
// $Log = new Log();
// $LogMessage = $Log->getLogMessage();
// $LogMessage->setAction(__u('Show Public Link'));
// $LogMessage->addDescription(__u('Link viewed'));
// $LogMessage->addDetails(__u('Type'), $publicLinkData->getPublicLinkTypeId());
// $LogMessage->addDetails(__u('Account'), AccountUtil::getAccountNameById($publicLinkData->getPublicLinkItemId()));
// $LogMessage->addDetails(__u('User'), UserUtil::getUserLoginById($publicLinkData->getPublicLinkUserId()));
// $Log->writeLog();
//
// if ($publicLinkData->isPublicLinkNotify()) {
// Email::sendEmail($LogMessage);
// }
if ($this->publicLinkRepository->addLinkView($publicLinkData) === 0) {
throw new NoSuchItemException(__u('Link not found'));
}

46
lib/SP/Services/Upgrade/UpgradeConfigService.php
View File

@@ -28,6 +28,7 @@ use SP\Config\ConfigData;
use SP\Core\Events\Event;
use SP\Core\Events\EventMessage;
use SP\Core\MimeTypes;
use SP\Providers\Auth\Ldap\LdapTypeInterface;
use SP\Providers\Log\FileLogHandler;
use SP\Services\Service;
use SP\Util\VersionUtil;
@@ -42,7 +43,13 @@ final class UpgradeConfigService extends Service implements UpgradeInterface
/**
* @var array Versiones actualizables
*/
const UPGRADES = ['112.4', '130.16020501', '200.17011202', '300.18111001'];
const UPGRADES = [
'112.4',
'130.16020501',
'200.17011202',
'300.18111001',
'300.18112501'
];
/**
* @var ConfigData
*/
@@ -197,8 +204,6 @@ final class UpgradeConfigService extends Service implements UpgradeInterface
* @param $version
* @param ConfigData $configData
*
* @throws \DI\DependencyException
* @throws \DI\NotFoundException
* @throws \SP\Storage\File\FileException
*/
public function upgrade($version, ConfigData $configData)
@@ -220,8 +225,6 @@ final class UpgradeConfigService extends Service implements UpgradeInterface
/**
* @param $version
*
* @throws \DI\DependencyException
* @throws \DI\NotFoundException
* @throws \SP\Storage\File\FileException
*/
private function applyUpgrade($version)
@@ -233,14 +236,15 @@ final class UpgradeConfigService extends Service implements UpgradeInterface
case '300.18111001':
$this->upgrade_300_18111001($version);
break;
case '300.18112501':
$this->upgrade_300_18112501($version);
break;
}
}
/**
* @param $version
*
* @throws \DI\DependencyException
* @throws \DI\NotFoundException
* @throws \SP\Storage\File\FileException
*/
private function upgrade_200_17011202($version)
@@ -260,8 +264,6 @@ final class UpgradeConfigService extends Service implements UpgradeInterface
/**
* @param $version
*
* @throws \DI\DependencyException
* @throws \DI\NotFoundException
* @throws \SP\Storage\File\FileException
*/
private function upgrade_300_18111001($version)
@@ -308,6 +310,32 @@ final class UpgradeConfigService extends Service implements UpgradeInterface
);
}
/**
* @param $version
*
* @throws \SP\Storage\File\FileException
*/
private function upgrade_300_18112501($version)
{
if ($this->configData->isLdapEnabled()) {
if ($this->configData->isLdapAds()) {
$this->configData->setLdapType(LdapTypeInterface::LDAP_ADS);
} else {
$this->configData->setLdapType(LdapTypeInterface::LDAP_STD);
}
$this->configData->setConfigVersion($version);
$this->config->saveConfig($this->configData, false);
$this->eventDispatcher->notifyEvent('upgrade.config.process',
new Event($this, EventMessage::factory()
->addDescription(__u('Update Configuration'))
->addDetail(__u('Version'), $version))
);
}
}
/**
* initialize
*/

4
lib/SP/Services/User/UserPassService.php
View File

@@ -198,8 +198,8 @@ final class UserPassService extends Service
$this->userRepository->updateMasterPassById($userData->getId(), $response->getCryptMasterPass(), $response->getCryptSecuredKey());
// Update the time when master password was set
$this->context->getUserData()->setLastUpdateMPass(time());
// Tells that the master password has been updated
$this->context->setTrasientKey('mpass_updated', true);
$this->setMasterKeyInContext($userMPass);

8
public/js/app-main.js
View File

@@ -165,7 +165,7 @@ sysPass.Main = function () {
}
);
}).on("click", ".clip-pass-icon", function () {
const $target =$(this.dataset.clipboardTarget);
const $target = $(this.dataset.clipboardTarget);
clipboard
.copy(oPublic.util.decodeEntities($target.val()))
@@ -424,11 +424,11 @@ sysPass.Main = function () {
};
const configHandler = sysPass.Config();
configHandler.setAppRoot(window.location.protocol + "//" + window.location.host + rootPath());
const root = window.location.protocol + "//" + window.location.host + rootPath();
configHandler.setAppRoot(root);
const opts = oPublic.requests.getRequestOpts();
opts.url = "/index.php?r=bootstrap/getEnvironment";
opts.url = root + "/index.php?r=bootstrap/getEnvironment";
opts.method = "get";
// opts.async = false;
opts.useLoading = false;

22
public/js/app-main.min.js vendored
View File

@@ -1,13 +1,13 @@
sysPass.Main=function(){var k=function(){e.info("checkPluginUpdates");for(var a in b.plugins)"function"===typeof b.plugins[a].checkVersion&&b.plugins[a].checkVersion().then(function(a){0===a.status&&void 0!==a.data.plugin&&f.info(String.format(b.config.LANG[67],a.data.plugin,a.data.remoteVersion))})},l=function(){e.info("bindPassEncrypt");$("body").on("blur",":input[type=password]",function(a){a=$(this);if(!a.hasClass("passwordfield__no-pki"))try{g(a)}catch(c){e.error(c),f.error(c)}}).on("keypress",
":input[type=password]",function(a){if(13===a.keyCode){a.preventDefault();a=$(this);try{g(a)}catch(c){e.error(c),f.error(c)}a.closest("form").submit()}})},m=function(){e.info("initializeClipboard");if(clipboard.isSupported())$("body").on("click",".clip-pass-button",function(){var a=b.actions.account.copyPass($(this)).done(function(a){if(0!==a.status)return f.out(a),!1;h.set(a.csrf)});!1!==a&&clipboard.copy(a.responseJSON.data.accpass).then(function(){f.ok(b.config.LANG[45])},function(a){f.error(b.config.LANG[46])})}).on("click",
sysPass.Main=function(){var l=function(){d.info("checkPluginUpdates");for(var a in b.plugins)"function"===typeof b.plugins[a].checkVersion&&b.plugins[a].checkVersion().then(function(a){0===a.status&&void 0!==a.data.plugin&&f.info(String.format(b.config.LANG[67],a.data.plugin,a.data.remoteVersion))})},m=function(){d.info("bindPassEncrypt");$("body").on("blur",":input[type=password]",function(a){a=$(this);if(!a.hasClass("passwordfield__no-pki"))try{h(a)}catch(c){d.error(c),f.error(c)}}).on("keypress",
":input[type=password]",function(a){if(13===a.keyCode){a.preventDefault();a=$(this);try{h(a)}catch(c){d.error(c),f.error(c)}a.closest("form").submit()}})},n=function(){d.info("initializeClipboard");if(clipboard.isSupported())$("body").on("click",".clip-pass-button",function(){var a=b.actions.account.copyPass($(this)).done(function(a){if(0!==a.status)return f.out(a),!1;k.set(a.csrf)});!1!==a&&clipboard.copy(a.responseJSON.data.accpass).then(function(){f.ok(b.config.LANG[45])},function(a){f.error(b.config.LANG[46])})}).on("click",
".dialog-clip-button",function(){var a=$(this.dataset.clipboardTarget);clipboard.copy(a.text().replace(/\r?\n|\r/g)).then(function(){$(".dialog-text").removeClass("dialog-clip-copy");a.addClass("dialog-clip-copy")},function(a){f.error(b.config.LANG[46])})}).on("click",".clip-pass-icon",function(){var a=$(this.dataset.clipboardTarget);clipboard.copy(b.util.decodeEntities(a.val())).then(function(){f.ok(b.config.LANG[45])},function(a){f.error(b.config.LANG[46])})}).on("click",".clip-pass-field",function(){var a=
document.getElementById(this.dataset.clipboardTarget);clipboard.copy(b.util.decodeEntities(a.dataset.pass)).then(function(){f.ok(b.config.LANG[45])},function(a){f.error(b.config.LANG[46])})});else e.warn(b.config.LANG[65])},g=function(a){e.info("encryptFormValue");var c=a.val();if(""!==c&&parseInt(a.attr("data-length"))!==c.length){if(c.length>b.config.PKI.MAX_SIZE)throw a.val(""),"Data length too big for encrypting";c=b.config.PKI.CRYPTO.encrypt(c);a.val(c);a.attr("data-length",c.length)}},p=function(){e.info("checkLogout");
return"login/logout"===n("r")?(f.sticky(b.config.LANG[61],function(){b.util.redirect("index.php?r=login")}),!0):!1},h={current:"",get:function(){e.info("sk:get");return $("#container").attr("data-sk")},set:function(a){e.info("sk:set");e.debug(a);$("#container").attr("data-sk",a);this.current=a}},e={log:function(a){!0===b.config.DEBUG&&console.log(a)},info:function(a){!0===b.config.DEBUG&&console.info(a)},error:function(a){console.error(a)},warn:function(a){console.warn(a)},debug:function(a){!0===
b.config.DEBUG&&console.debug(a)}};Object.freeze(e);toastr.options={closeButton:!0,debug:!1,newestOnTop:!1,progressBar:!1,positionClass:"toast-top-center",preventDuplicates:!1,onclick:null,showDuration:"300",hideDuration:"1000",timeOut:"5000",extendedTimeOut:"1000",showEasing:"swing",hideEasing:"linear",showMethod:"fadeIn",hideMethod:"fadeOut"};var q=function(){e.info("setupCallbacks");var a=$("#container"),c=a.data("page");if(0<c.length&&"function"===typeof b.triggers.views[c])b.triggers.views[c](a);
0<$("footer").length&&b.triggers.views.footer();$("#btnBack").click(function(){b.util.redirect("index.php")});b.triggers.bodyHooks()},f={ok:function(a){toastr.success(a)},error:function(a){toastr.error(a)},warn:function(a){toastr.warning(a)},info:function(a){toastr.info(a)},sticky:function(a,c){var d={timeOut:0};"function"===typeof c&&(d.onHidden=c);toastr.warning(a,b.config.LANG[60],d)},out:function(a){if("object"===typeof a){var c=a.status,d=a.description;void 0!==a.messages&&0<a.messages.length&&
(d=d+"<br>"+a.messages.join("<br>"));switch(c){case 0:this.ok(d);break;case 1:this.error(d);break;case 2:this.warn(d);break;case 10:b.actions.main.logout();break;case 100:this.ok(d);this.sticky(d);break;case 101:this.error(d);this.sticky(d);break;case 102:this.warn(d);this.sticky(d);break;default:this.error(d)}}},html:{error:function(a){return'<p class="error round">Oops...<br>'+b.config.LANG[1]+"<br>"+a+"</p>"}}};Object.freeze(f);String.format||(String.format=function(a){var c=Array.prototype.slice.call(arguments,
1);return a.replace(/{(\d+)}/g,function(a,b){return"undefined"!==typeof c[b]?c[b]:a})});var r=function(){e.info("getEnvironment");var a=window.location.pathname.split("/"),c=sysPass.Config();c.setAppRoot(window.location.protocol+"//"+window.location.host+function(){for(var c="",b=1;b<=a.length-2;b++)c+="/"+a[b];return c}());var d=b.requests.getRequestOpts();d.url="/index.php?r=bootstrap/getEnvironment";d.method="get";d.useLoading=!1;d.data={isAjax:1};return b.requests.getActionCall(d,function(a){void 0!==
document.getElementById(this.dataset.clipboardTarget);clipboard.copy(b.util.decodeEntities(a.dataset.pass)).then(function(){f.ok(b.config.LANG[45])},function(a){f.error(b.config.LANG[46])})});else d.warn(b.config.LANG[65])},h=function(a){d.info("encryptFormValue");var c=a.val();if(""!==c&&parseInt(a.attr("data-length"))!==c.length){if(c.length>b.config.PKI.MAX_SIZE)throw a.val(""),"Data length too big for encrypting";c=b.config.PKI.CRYPTO.encrypt(c);a.val(c);a.attr("data-length",c.length)}},q=function(){d.info("checkLogout");
return"login/logout"===p("r")?(f.sticky(b.config.LANG[61],function(){b.util.redirect("index.php?r=login")}),!0):!1},k={current:"",get:function(){d.info("sk:get");return $("#container").attr("data-sk")},set:function(a){d.info("sk:set");d.debug(a);$("#container").attr("data-sk",a);this.current=a}},d={log:function(a){!0===b.config.DEBUG&&console.log(a)},info:function(a){!0===b.config.DEBUG&&console.info(a)},error:function(a){console.error(a)},warn:function(a){console.warn(a)},debug:function(a){!0===
b.config.DEBUG&&console.debug(a)}};Object.freeze(d);toastr.options={closeButton:!0,debug:!1,newestOnTop:!1,progressBar:!1,positionClass:"toast-top-center",preventDuplicates:!1,onclick:null,showDuration:"300",hideDuration:"1000",timeOut:"5000",extendedTimeOut:"1000",showEasing:"swing",hideEasing:"linear",showMethod:"fadeIn",hideMethod:"fadeOut"};var r=function(){d.info("setupCallbacks");var a=$("#container"),c=a.data("page");if(0<c.length&&"function"===typeof b.triggers.views[c])b.triggers.views[c](a);
0<$("footer").length&&b.triggers.views.footer();$("#btnBack").click(function(){b.util.redirect("index.php")});b.triggers.bodyHooks()},f={ok:function(a){toastr.success(a)},error:function(a){toastr.error(a)},warn:function(a){toastr.warning(a)},info:function(a){toastr.info(a)},sticky:function(a,c){var e={timeOut:0};"function"===typeof c&&(e.onHidden=c);toastr.warning(a,b.config.LANG[60],e)},out:function(a){if("object"===typeof a){var c=a.status,e=a.description;void 0!==a.messages&&0<a.messages.length&&
(e=e+"<br>"+a.messages.join("<br>"));switch(c){case 0:this.ok(e);break;case 1:this.error(e);break;case 2:this.warn(e);break;case 10:b.actions.main.logout();break;case 100:this.ok(e);this.sticky(e);break;case 101:this.error(e);this.sticky(e);break;case 102:this.warn(e);this.sticky(e);break;default:this.error(e)}}},html:{error:function(a){return'<p class="error round">Oops...<br>'+b.config.LANG[1]+"<br>"+a+"</p>"}}};Object.freeze(f);String.format||(String.format=function(a){var c=Array.prototype.slice.call(arguments,
1);return a.replace(/{(\d+)}/g,function(a,b){return"undefined"!==typeof c[b]?c[b]:a})});var t=function(){d.info("getEnvironment");var a=window.location.pathname.split("/"),c=sysPass.Config(),e=window.location.protocol+"//"+window.location.host+function(){for(var c="",b=1;b<=a.length-2;b++)c+="/"+a[b];return c}();c.setAppRoot(e);var g=b.requests.getRequestOpts();g.url=e+"/index.php?r=bootstrap/getEnvironment";g.method="get";g.useLoading=!1;g.data={isAjax:1};return b.requests.getActionCall(g,function(a){void 0!==
a.data&&(c.setLang(a.data.lang),c.setSessionTimeout(a.data.session_timeout),c.setPkiKey(a.data.pki_key),c.setPkiSize(a.data.pki_max_size),c.setCheckUpdates(a.data.check_updates),c.setCheckNotices(a.data.check_notices),c.setCheckNotifications(a.data.check_notifications),c.setTimezone(a.data.timezone),c.setLocale(a.data.locale),c.setDebugEnabled(a.data.debug),c.setFileMaxSize(a.data.max_file_size),c.setFileAccountAllowedMime(a.data.files_allowed_mime),c.setFileImportAllowedMime(a.data.import_allowed_mime),
c.setCookiesEnabled(a.data.cookies_enabled),c.setPlugins(a.data.plugins),c.setLoggedIn(a.data.loggedin),c.setAuthBasicAutologinEnabled(a.data.authbasic_autologin),c.initialize(),b.config=c.getConfig())}).fail(function(){f.error("Error while getting sysPass config<br/>Please try again or check web server logs")})},b={config:sysPass.Config().getConfig(),actions:sysPass.Actions(e),triggers:sysPass.Triggers(e),util:sysPass.Util(e),theme:{},plugins:{},sk:h,msg:f,log:e,encryptFormValue:g},n=function(a){for(var c=
[],b,e=window.location.href.slice(window.location.href.indexOf("?")+1).split("&"),f=0;f<e.length;f++)b=e[f].split("="),c.push(b[0]),c[b[0]]=b[1];return void 0!==a&&void 0!==c[a]?c[a]:c};return function(){e.info("init");"function"===typeof sysPass.Theme&&(b.theme=sysPass.Theme(e));b.requests=sysPass.Requests(b);r().then(function(){if(!p()&&(b.config.PKI.AVAILABLE&&l(),!1===b.config.BROWSER.COOKIES_ENABLED&&f.sticky(b.config.LANG[64]),m(),q(),0<b.config.PLUGINS.length)){e.info("initPlugins");for(var a=
{},c=0;c<b.config.PLUGINS.length;c++){var d=b.config.PLUGINS[c];"function"===typeof sysPass.Plugins[d]&&(a[d]=sysPass.Plugins[d](b))}b.plugins=a;!0===b.config.AUTH.LOGGEDIN&&!0===b.config.STATUS.CHECK_UPDATES&&k()}Object.freeze(b)});return b}()};
c.setCookiesEnabled(a.data.cookies_enabled),c.setPlugins(a.data.plugins),c.setLoggedIn(a.data.loggedin),c.setAuthBasicAutologinEnabled(a.data.authbasic_autologin),c.initialize(),b.config=c.getConfig())}).fail(function(){f.error("Error while getting sysPass config<br/>Please try again or check web server logs")})},b={config:sysPass.Config().getConfig(),actions:sysPass.Actions(d),triggers:sysPass.Triggers(d),util:sysPass.Util(d),theme:{},plugins:{},sk:k,msg:f,log:d,encryptFormValue:h},p=function(a){for(var c=
[],b,d=window.location.href.slice(window.location.href.indexOf("?")+1).split("&"),f=0;f<d.length;f++)b=d[f].split("="),c.push(b[0]),c[b[0]]=b[1];return void 0!==a&&void 0!==c[a]?c[a]:c};return function(){d.info("init");"function"===typeof sysPass.Theme&&(b.theme=sysPass.Theme(d));b.requests=sysPass.Requests(b);t().then(function(){if(!q()&&(b.config.PKI.AVAILABLE&&m(),!1===b.config.BROWSER.COOKIES_ENABLED&&f.sticky(b.config.LANG[64]),n(),r(),0<b.config.PLUGINS.length)){d.info("initPlugins");for(var a=
{},c=0;c<b.config.PLUGINS.length;c++){var e=b.config.PLUGINS[c];"function"===typeof sysPass.Plugins[e]&&(a[e]=sysPass.Plugins[e](b))}b.plugins=a;!0===b.config.AUTH.LOGGEDIN&&!0===b.config.STATUS.CHECK_UPDATES&&l()}Object.freeze(b)});return b}()};

11
tests/res/config/config.xml
View File

@@ -9,12 +9,12 @@
<authBasicAutoLoginEnabled>1</authBasicAutoLoginEnabled>
<authBasicDomain></authBasicDomain>
<authBasicEnabled>1</authBasicEnabled>
<backup_hash>5f5eef95895649260f8bfb4f114b39251cf521f4</backup_hash>
<backup_hash>cdd8f6d489b6b8ba4fcf04c6092e03b8e606f7b2</backup_hash>
<checkUpdates>0</checkUpdates>
<checknotices>0</checknotices>
<configDate>1542583425</configDate>
<configHash>5f791f08c264f6053eb9de6f84825ce6baa6c0df</configHash>
<configSaver></configSaver>
<configDate>1543260127</configDate>
<configHash>2f707e2e37fb26c48baa22bb27099b1519d54808</configHash>
<configSaver>sysPass</configSaver>
<configVersion></configVersion>
<databaseVersion></databaseVersion>
<dbHost></dbHost>
@@ -32,7 +32,7 @@
<dokuwikiUrlBase></dokuwikiUrlBase>
<dokuwikiUser></dokuwikiUser>
<encryptSession>0</encryptSession>
<export_hash>1c3433465d2b0a65bfbae4fe1dae9c2f308d2f4d</export_hash>
<export_hash>236418f6bca1daebfe238be3df7ba0a08a74046f</export_hash>
<filesAllowedExts>
<item type="filesAllowedExts">PDF</item>
<item type="filesAllowedExts">JPG</item>
@@ -66,6 +66,7 @@
<ldapProxyUser></ldapProxyUser>
<ldapServer></ldapServer>
<ldapTlsEnabled>0</ldapTlsEnabled>
<ldapType></ldapType>
<logEnabled>1</logEnabled>
<logEvents></logEvents>
<mailAuthenabled>0</mailAuthenabled>