Mirrors/sysPass
2
0
Fork 0
mirror of https://github.com/nuxsmin/sysPass.git synced 2026-03-07 00:46:59 +01:00
Code Issues Packages Projects Releases Wiki Activity

* [ADD] Added wrong logins tracking to deny access when max number of attempts are reached. It has been implemented for log in and API requests. DB upgrade needed

Browse Source 
* [MOD] Updated translations.
This commit is contained in:
nuxsmin
2017-02-26 13:50:13 +01:00
parent fd7d0023a3
commit ea241cd3b3
32 changed files with 18434 additions and 17636 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
inc/SP/Account/Account.class.php
View File

@@ -28,19 +28,16 @@ use Defuse\Crypto\Exception\CryptoException;
use SP\Core\Crypt\Crypt;
use SP\Core\Crypt\Session as CryptSession;
use SP\Core\Exceptions\QueryException;
use SP\Core\OldCrypt;
use SP\Core\Exceptions\SPException;
use SP\Core\Session;
use SP\DataModel\AccountData;
use SP\DataModel\AccountExtData;
use SP\DataModel\GroupAccountsData;
use SP\Log\Email;
use SP\Log\Log;
use SP\Mgmt\Groups\GroupAccounts;
use SP\Mgmt\Groups\GroupAccountsUtil;
use SP\Storage\DB;
use SP\Storage\QueryData;
use SP\Util\Checks;
defined('APP_ROOT') || die();
@@ -311,7 +308,7 @@ class Account extends AccountBase implements AccountInterface
* @throws \SP\Core\Exceptions\SPException
* @throws \SP\Core\Exceptions\QueryException
*/
protected function setPasswordEncrypted($masterPass = null)
public function setPasswordEncrypted($masterPass = null)
{
try {
$masterPass = $masterPass ?: CryptSession::getSessionKey();

23
inc/SP/Api/ApiBase.class.php
View File

@@ -94,6 +94,8 @@ abstract class ApiBase implements ApiInterface
$this->ApiTokenData = ApiToken::getItem()->getTokenByToken($this->actionId, $data->params->authToken);
if ($this->ApiTokenData === false) {
ApiUtil::addTracking();
throw new SPException(SPException::SP_CRITICAL, __('Acceso no permitido', false));
}
@@ -150,8 +152,10 @@ abstract class ApiBase implements ApiInterface
protected function doAuth()
{
if ($this->UserData->isUserIsDisabled()
|| !Hash::checkHashKey($this->getParam('pass', true), $this->ApiTokenData->getAuthtokenHash())
|| !Hash::checkHashKey($this->getParam('tokenPass', true), $this->ApiTokenData->getAuthtokenHash())
) {
ApiUtil::addTracking();
throw new SPException(SPException::SP_CRITICAL, __('Acceso no permitido', false));
}
}
@@ -159,9 +163,9 @@ abstract class ApiBase implements ApiInterface
/**
* Devolver el valor de un parámetro
*
* @param string $name Nombre del parámetro
* @param bool $required Si es requerido
* @param mixed $default Valor por defecto
* @param string $name Nombre del parámetro
* @param bool $required Si es requerido
* @param mixed $default Valor por defecto
* @return int|string
* @throws SPException
*/
@@ -189,7 +193,12 @@ abstract class ApiBase implements ApiInterface
try {
/** @var Vault $Vault */
$Vault = unserialize($this->ApiTokenData->getAuthtokenVault());
return $Vault->getData($this->getParam('pass') . $this->getParam('authToken'));
if ($Vault && $pass = $Vault->getData($this->getParam('tokenPass') . $this->getParam('authToken'))) {
return $pass;
} else {
throw new SPException(SPException::SP_ERROR, __('Error interno', false), __('Datos inválidos', false));
}
} catch (CryptoException $e) {
throw new SPException(SPException::SP_ERROR, __('Error interno', false), $e->getMessage());
}
@@ -204,6 +213,8 @@ abstract class ApiBase implements ApiInterface
protected function checkActionAccess($action)
{
if ($this->actionId !== $action) {
ApiUtil::addTracking();
throw new SPException(SPException::SP_CRITICAL, __('Acceso no permitido', false));
}
}
@@ -236,6 +247,8 @@ abstract class ApiBase implements ApiInterface
protected function checkAuth()
{
if ($this->auth === false) {
ApiUtil::addTracking();
throw new SPException(SPException::SP_CRITICAL, __('Acceso no permitido', false));
}
}

45
inc/SP/Api/ApiRequest.class.php
View File

@@ -2,8 +2,8 @@
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2017, Rubén Domínguez nuxsmin@$syspass.org
*
* This file is part of sysPass.
@@ -24,14 +24,16 @@
namespace SP\Api;
defined('APP_ROOT') || die();
use ReflectionClass;
use SP\Core\Exceptions\InvalidArgumentException;
use SP\Core\Exceptions\SPException;
use SP\DataModel\TrackData;
use SP\Http\Request;
use SP\Mgmt\Tracks\Track;
use SP\Util\Json;
defined('APP_ROOT') || die();
/**
* Class ApiRequest encargada de atender la peticiones a la API de sysPass
*
@@ -49,6 +51,8 @@ class ApiRequest
*/
const ACTION = 'action';
const AUTH_TOKEN = 'authToken';
const TIME_TRACKING_MAX_ATTEMPTS = 5;
const TIME_TRACKING = 300;
/**
* @var \stdClass
@@ -76,7 +80,7 @@ class ApiRequest
'error' => [
'code' => $code,
'message' => __($e->getMessage()),
'data' => $class === SPException::class || $class === InvalidArgumentException::class ? $e->getHint() : ''
'data' => $class === SPException::class || $class === InvalidArgumentException::class ? __($e->getHint()) : ''
],
'id' => ($code === -32700 || $code === -32600) ? null : $this->getId()
];
@@ -115,6 +119,7 @@ class ApiRequest
protected function init()
{
try {
$this->checkTracking();
$this->analyzeRequestMethod();
$this->getRequestData();
$this->checkBasicData();
@@ -124,6 +129,33 @@ class ApiRequest
}
}
/**
* Comprobar los intentos de login
*
* @throws \SP\Core\Exceptions\AuthException
* @throws \SP\Core\Exceptions\SPException
*/
private function checkTracking()
{
try {
$TrackData = new TrackData();
$TrackData->setTrackSource('API');
$TrackData->setTrackIp($_SERVER['REMOTE_ADDR']);
$attempts = count(Track::getItem($TrackData)->getTracksForClientFromTime(time() - self::TIME_TRACKING));
} catch (SPException $e) {
throw new SPException(SPException::SP_ERROR, __('Error interno', false), __FUNCTION__, -32601);
}
if ($attempts >= self::TIME_TRACKING_MAX_ATTEMPTS) {
ApiUtil::addTracking();
sleep(0.3 * $attempts);
throw new SPException(SPException::SP_INFO, __('Intentos excedidos', false), '', -32601);
}
}
/**
* Analizar y establecer el método HTTP a utilizar
*
@@ -189,10 +221,13 @@ class ApiRequest
$this->ApiReflection = new ReflectionClass(SyspassApi::class);
if (!$this->ApiReflection->hasMethod($this->data->method)) {
ApiUtil::addTracking();
throw new SPException(SPException::SP_WARNING, __('Acción Inválida', false), '', -32601);
}
}
/**
* Obtener el id de la acción
*

57
inc/SP/Api/ApiUtil.class.php Normal file
View File

@@ -0,0 +1,57 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2017, Rubén Domínguez nuxsmin@$syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*/
namespace SP\Api;
defined('APP_ROOT') || die();
use SP\Core\Exceptions\SPException;
use SP\DataModel\TrackData;
use SP\Mgmt\Tracks\Track;
/**
* Class ApiUtil
*
* @package SP\Api
*/
class ApiUtil
{
/**
* Añadir un seguimiento
*
* @throws \SP\Core\Exceptions\SPException
*/
public static function addTracking()
{
try {
$TrackData = new TrackData();
$TrackData->setTrackSource('API');
$TrackData->setTrackIp($_SERVER['REMOTE_ADDR']);
Track::getItem($TrackData)->add();
} catch (SPException $e) {
throw new SPException(SPException::SP_WARNING, __('Error interno', false), '', -32601);
}
}
}

14
inc/SP/Api/SyspassApi.class.php
View File

@@ -24,6 +24,8 @@
namespace SP\Api;
defined('APP_ROOT') || die();
use SP\Account\Account;
use SP\Account\AccountAcl;
use SP\Account\AccountSearch;
@@ -41,8 +43,6 @@ use SP\Mgmt\Categories\CategorySearch;
use SP\Mgmt\Customers\Customer;
use SP\Mgmt\Customers\CustomerSearch;
defined('APP_ROOT') || die();
/**
* Class Api para la gestión de peticiones a la API de sysPass
*
@@ -182,7 +182,8 @@ class SyspassApi extends ApiBase
$Account = new Account($AccountData);
$Account->createAccount();
$Account->setPasswordEncrypted($this->getMPass());
$Account->createAccount(false);
$LogMessage = $this->Log->getLogMessage();
$LogMessage->setAction(__('Crear Cuenta', false));
@@ -463,7 +464,7 @@ class SyspassApi extends ApiBase
'id' => ActionsInterface::ACTION_ACC_VIEW_PASS,
'help' => [
'id' => __('Id de la cuenta'),
'userPass' => __('Clave del usuario asociado al token'),
'tokenPass' => __('Clave del token'),
'details' => __('Devolver detalles en la respuesta')
]
],
@@ -479,8 +480,7 @@ class SyspassApi extends ApiBase
'getAccountData' => [
'id' => ActionsInterface::ACTION_ACC_VIEW,
'help' => [
'id' => __('Id de la cuenta'),
'userPass' => __('Clave del usuario asociado al token')
'id' => __('Id de la cuenta')
]
],
'deleteAccount' => [
@@ -492,7 +492,7 @@ class SyspassApi extends ApiBase
'addAccount' => [
'id' => ActionsInterface::ACTION_ACC_NEW,
'help' => [
'userPass' => __('Clave del usuario asociado al token'),
'tokenPass' => __('Clave del token'),
'name' => __('Nombre de cuenta'),
'categoryId' => __('Id de categoría'),
'customerId' => __('Id de cliente'),

80
inc/SP/Controller/LoginController.class.php
View File

@@ -24,6 +24,8 @@
namespace SP\Controller;
defined('APP_ROOT') || die();
use Defuse\Crypto\Exception\BadFormatException;
use Defuse\Crypto\Exception\CryptoException;
use SP\Auth\Auth;
@@ -32,7 +34,6 @@ use SP\Auth\AuthUtil;
use SP\Auth\Browser\BrowserAuthData;
use SP\Auth\Database\DatabaseAuthData;
use SP\Auth\Ldap\LdapAuthData;
use SP\Core\Crypt\Session as CryptSession;
use SP\Core\CryptMasterPass;
use SP\Core\DiFactory;
use SP\Core\Exceptions\AuthException;
@@ -42,6 +43,7 @@ use SP\Core\Language;
use SP\Core\Messages\LogMessage;
use SP\Core\Session;
use SP\Core\SessionUtil;
use SP\DataModel\TrackData;
use SP\DataModel\UserLoginData;
use SP\DataModel\UserPassRecoverData;
use SP\Http\JsonResponse;
@@ -49,6 +51,7 @@ use SP\Http\Request;
use SP\Log\Log;
use SP\Mgmt\Groups\Group;
use SP\Mgmt\Profiles\Profile;
use SP\Mgmt\Tracks\Track;
use SP\Mgmt\Users\UserLdap;
use SP\Mgmt\Users\UserPass;
use SP\Mgmt\Users\UserPassRecover;
@@ -65,11 +68,20 @@ use SP\Util\Util;
*/
class LoginController
{
/**
* Estados
*/
const STATUS_INVALID_LOGIN = 1;
const STATUS_INVALID_MASTER_PASS = 2;
const STATUS_USER_DISABLED = 3;
const STATUS_INTERNAL_ERROR = 4;
const STATUS_NEED_OLD_PASS = 5;
const STATUS_MAX_ATTEMPTS_EXCEEDED = 6;
/**
* Tiempo para contador de intentos
*/
const TIME_TRACKING = 600;
const TIME_TRACKING_MAX_ATTEMPTS = 5;
/**
* @var JsonResponse
@@ -118,6 +130,8 @@ class LoginController
$Log = new Log($this->LogMessage);
try {
$this->checkTracking();
$Auth = new Auth($this->UserData);
$result = $Auth->doAuth();
@@ -131,6 +145,8 @@ class LoginController
}
}
} else {
$this->addTracking();
throw new AuthException(SPException::SP_INFO, __('Login incorrecto', false), '', self::STATUS_INVALID_LOGIN);
}
@@ -164,6 +180,54 @@ class LoginController
Json::returnJson($this->jsonResponse);
}
/**
* Comprobar los intentos de login
*
* @throws \SP\Core\Exceptions\AuthException
*/
private function checkTracking()
{
try {
$TrackData = new TrackData();
$TrackData->setTrackSource('Login');
$TrackData->setTrackIp($_SERVER['REMOTE_ADDR']);
$attempts = count(Track::getItem($TrackData)->getTracksForClientFromTime(time() - self::TIME_TRACKING));
} catch (SPException $e) {
$this->LogMessage->addDescription($e->getMessage());
throw new AuthException(SPException::SP_ERROR, __('Error interno', false), '', self::STATUS_INTERNAL_ERROR);
}
if ($attempts >= self::TIME_TRACKING_MAX_ATTEMPTS) {
$this->addTracking();
sleep(0.3 * $attempts);
$this->LogMessage->addDescription(sprintf(__('Intentos excedidos (%d/%d)'), $attempts, self::TIME_TRACKING_MAX_ATTEMPTS));
throw new AuthException(SPException::SP_INFO, __('Intentos excedidos', false), '', self::STATUS_MAX_ATTEMPTS_EXCEEDED);
}
}
/**
* Añadir un seguimiento
*
* @throws \SP\Core\Exceptions\AuthException
*/
private function addTracking()
{
try {
$TrackData = new TrackData();
$TrackData->setTrackSource('Login');
$TrackData->setTrackIp($_SERVER['REMOTE_ADDR']);
Track::getItem($TrackData)->add();
} catch (SPException $e) {
throw new AuthException(SPException::SP_ERROR, __('Error interno', false), '', self::STATUS_INTERNAL_ERROR);
}
}
/**
* Obtener los datos del usuario
*
@@ -195,6 +259,8 @@ class LoginController
$this->LogMessage->addDescription(__('Usuario deshabilitado', false));
$this->LogMessage->addDetails(__('Usuario', false), $this->UserData->getLogin());
$this->addTracking();
throw new AuthException(SPException::SP_INFO, __('Usuario deshabilitado', false), '', self::STATUS_USER_DISABLED);
} elseif ($this->UserData->isUserIsChangePass()) {
$hash = Util::generateRandomBytes();
@@ -238,6 +304,8 @@ class LoginController
if (!UserPass::updateUserMPass($masterPass, $this->UserData)) {
$this->LogMessage->addDescription(__('Clave maestra incorrecta', false));
$this->addTracking();
throw new AuthException(SPException::SP_INFO, __('Clave maestra incorrecta', false), '', self::STATUS_INVALID_MASTER_PASS);
} else {
$this->LogMessage->addDescription(__('Clave maestra actualizada', false));
@@ -246,6 +314,8 @@ class LoginController
if (!UserPass::updateMasterPassFromOldPass($oldPass, $this->UserData)) {
$this->LogMessage->addDescription(__('Clave maestra incorrecta', false));
$this->addTracking();
throw new AuthException(SPException::SP_INFO, __('Clave maestra incorrecta', false), '', self::STATUS_INVALID_MASTER_PASS);
} else {
$this->LogMessage->addDescription(__('Clave maestra actualizada', false));
@@ -258,6 +328,8 @@ class LoginController
case UserPass::MPASS_NOTSET:
case UserPass::MPASS_CHANGED:
case UserPass::MPASS_WRONG:
$this->addTracking();
throw new AuthException(SPException::SP_INFO, __('La clave maestra no ha sido guardada o es incorrecta', false), '', self::STATUS_INVALID_MASTER_PASS);
break;
}
@@ -376,6 +448,8 @@ class LoginController
if ($LdapAuthData->getStatusCode() === 49) {
$this->LogMessage->addDescription(__('Login incorrecto', false));
$this->addTracking();
throw new AuthException(SPException::SP_INFO, $this->LogMessage->getDescription(), '', self::STATUS_INVALID_LOGIN);
} elseif ($LdapAuthData->getStatusCode() === 701) {
$this->LogMessage->addDescription(__('Cuenta expirada', false));
@@ -431,6 +505,8 @@ class LoginController
$this->LogMessage->addDescription(__('Login incorrecto', false));
$this->LogMessage->addDetails(__('Usuario', false), $this->UserData->getLogin());
$this->addTracking();
throw new AuthException(SPException::SP_INFO, $this->LogMessage->getDescription(), '', self::STATUS_INVALID_LOGIN);
} elseif ($AuthData->getAuthenticated() === 1) {
$this->LogMessage->addDetails(__('Tipo', false), __FUNCTION__);
@@ -455,6 +531,8 @@ class LoginController
$this->LogMessage->addDetails(__('Usuario', false), $this->UserData->getLogin());
$this->LogMessage->addDetails(__('Autentificación', false), sprintf('%s (%s)', AuthUtil::getServerAuthType(), $AuthData->getName()));
$this->addTracking();
throw new AuthException(SPException::SP_INFO, $this->LogMessage->getDescription(), '', self::STATUS_INVALID_LOGIN);
} elseif ($AuthData->getAuthenticated() === 1) {
$this->LogMessage->addDetails(__('Tipo', false), __FUNCTION__);

2
inc/SP/Controller/MainController.class.php
View File

@@ -458,7 +458,7 @@ class MainController extends ControllerBase implements ActionsInterface
$this->view->assign('constraints', $constraints);
}
if ($version < 20117022101) {
if ($version < 21017022601) {
$this->view->assign('numAccounts', Account::getNumAccounts());
}

8
inc/SP/Core/Upgrade/Upgrade.class.php
View File

@@ -52,10 +52,10 @@ defined('APP_ROOT') || die();
*/
class Upgrade
{
private static $dbUpgrade = [110, 1121, 1122, 1123, 11213, 11219, 11220, 12001, 12002, 1316011001, 1316100601, 20017011302, 20017011701, 20017012901];
private static $dbUpgrade = [110, 1121, 1122, 1123, 11213, 11219, 11220, 12001, 12002, 1316011001, 1316100601, 20017011302, 20017011701, 21017022601];
private static $cfgUpgrade = [1124, 1316020501, 20017011202];
private static $auxUpgrade = [12001, 12002, 20017010901, 20017011202];
private static $appUpgrade = [20117022101];
private static $appUpgrade = [21017022601];
/**
* Inicia el proceso de actualización de la BBDD.
@@ -153,7 +153,7 @@ class Upgrade
$Data->setQuery($query);
DB::getQuery($Data);
} catch (SPException $e) {
$LogMessage->addDescription(__('Error al aplicar la actualización de la Base de Datos.', false));
$LogMessage->addDescription(__('Error al aplicar la actualización de la Base de Datos', false));
$LogMessage->addDetails('ERROR', sprintf('%s (%s)', $e->getMessage(), $e->getCode()));
$Log->setLogLevel(Log::ERROR);
$Log->writeLog();
@@ -210,7 +210,7 @@ class Upgrade
private static function appUpgrades($version)
{
switch ($version) {
case 20117022101:
case 21017022601:
$dbResult = true;
$databaseVersion = (int)str_replace('.', '', ConfigDB::getValue('version'));

189
inc/SP/DataModel/TrackData.class.php Normal file
View File

@@ -0,0 +1,189 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2017, Rubén Domínguez nuxsmin@$syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*/
namespace SP\DataModel;
use SP\Core\Exceptions\InvalidArgumentException;
use SP\Core\Exceptions\SPException;
/**
* Class TrackData
*
* @package SP\DataModel
*/
class TrackData extends DataModelBase
{
/**
* @var int
*/
public $track_id;
/**
* @var int
*/
public $track_userId = 0;
/**
* @var string
*/
public $track_source = '';
/**
* @var int
*/
public $track_time = 0;
/**
* @var string
*/
public $track_ipv4 = '';
/**
* @var string
*/
public $track_ipv6 = '';
/**
* @return int
*/
public function getTrackId()
{
return (int)$this->track_id;
}
/**
* @param int $track_id
*/
public function setTrackId($track_id)
{
$this->track_id = (int)$track_id;
}
/**
* @return int
*/
public function getTrackUserId()
{
return (int)$this->track_userId;
}
/**
* @param int $track_userId
*/
public function setTrackUserId($track_userId)
{
$this->track_userId = (int)$track_userId;
}
/**
* @return string
*/
public function getTrackSource()
{
return $this->track_source;
}
/**
* @param string $track_source
*/
public function setTrackSource($track_source)
{
$this->track_source = $track_source;
}
/**
* @return int
*/
public function getTrackTime()
{
return (int)$this->track_time;
}
/**
* @param int $track_time
*/
public function setTrackTime($track_time)
{
$this->track_time = (int)$track_time;
}
/**
* @return string
*/
public function getTrackIpv4()
{
return @inet_ntop($this->track_ipv4);
}
/**
* @param string $track_ipv4
*/
public function setTrackIpv4($track_ipv4)
{
$this->track_ipv4 = @inet_pton($track_ipv4);
}
/**
* @param string $track_ip
* @throws \SP\Core\Exceptions\InvalidArgumentException
*/
public function setTrackIp($track_ip)
{
$ip = @inet_pton($track_ip);
if (strlen($ip) === 4) {
$this->track_ipv4 = $ip;
} elseif (strlen($ip) > 4) {
$this->track_ipv6 = $ip;
} elseif ($ip === false) {
throw new InvalidArgumentException(SPException::SP_ERROR, __('IP inválida'));
}
}
/**
* @return int
*/
public function getTrackIpv4Bin()
{
return $this->track_ipv4;
}
/**
* @return string
*/
public function getTrackIpv6()
{
return @inet_ntop($this->track_ipv6);
}
/**
* @param string $track_ipv6
*/
public function setTrackIpv6($track_ipv6)
{
$this->track_ipv6 = @inet_pton($track_ipv6);
}
/**
* @return string
*/
public function getTrackIpv6Bin()
{
return $this->track_ipv6;
}
}

2
inc/SP/Mgmt/Files/File.class.php
View File

@@ -120,7 +120,7 @@ class File extends FileBase implements ItemInterface, ItemSelectInterface
$Data = new QueryData();
$Data->setQuery($query);
$Data->addParam($id);
$Data->setOnErrorMessage(__('Error al eliminar archivo', false));
$Data->setOnErrorMessage(__('Error al eliminar el archivo', false));
DB::getQuery($Data);

240
inc/SP/Mgmt/Tracks/Track.class.php Normal file
View File

@@ -0,0 +1,240 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2017, Rubén Domínguez nuxsmin@$syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*/
namespace SP\Mgmt\Tracks;
use SP\Mgmt\ItemInterface;
use SP\Storage\DB;
use SP\Storage\QueryData;
/**
* Class Track
*
* @package SP\Mgmt\Tracks
*/
class Track extends TrackBase implements ItemInterface
{
/**
* @return mixed
* @throws \SP\Core\Exceptions\QueryException
* @throws \SP\Core\Exceptions\ConstraintException
*/
public function add()
{
$query = /** @lang SQL */
'INSERT INTO track SET
track_userId = ?,
track_source = ?,
track_time = UNIX_TIMESTAMP(),
track_ipv4 = ?,
track_ipv6 = ?';
$Data = new QueryData();
$Data->setQuery($query);
$Data->addParam($this->itemData->getTrackUserId());
$Data->addParam($this->itemData->getTrackSource());
$Data->addParam($this->itemData->getTrackIpv4Bin());
$Data->addParam($this->itemData->getTrackIpv6Bin());
$Data->setOnErrorMessage(__('Error al crear track', false));
DB::getQuery($Data);
$this->itemData->setTrackId(DB::$lastId);
return $this;
}
/**
* @param $id int|array
* @return mixed
* @throws \SP\Core\Exceptions\QueryException
* @throws \SP\Core\Exceptions\ConstraintException
*/
public function delete($id)
{
$query = /** @lang SQL */
'DELETE FROM track WHERE track_id = ? LIMIT 1';
$Data = new QueryData();
$Data->setQuery($query);
$Data->addParam($this->itemData->getTrackId());
$Data->setOnErrorMessage(__('Error al eliminar track', false));
return DB::getQuery($Data);
}
/**
* @return bool
* @throws \SP\Core\Exceptions\QueryException
* @throws \SP\Core\Exceptions\ConstraintException
*/
public function update()
{
$query = /** @lang SQL */
'UPDATE track SET
track_userId = ?,
track_source = ?,
track_time = UNIX_TIMESTAMP(),
track_ipv4 = ?,
track_ipv6 = ?
WHERE track_id = ? LIMIT 1';
$Data = new QueryData();
$Data->setQuery($query);
$Data->addParam($this->itemData->getTrackUserId());
$Data->addParam($this->itemData->getTrackSource());
$Data->addParam($this->itemData->getTrackIpv4Bin());
$Data->addParam($this->itemData->getTrackIpv6Bin());
$Data->addParam($this->itemData->getTrackId());
$Data->setOnErrorMessage(__('Error al actualizar track', false));
return DB::getQuery($Data);
}
/**
* @param $id int
* @return mixed
* @throws \SP\Core\Exceptions\QueryException
* @throws \SP\Core\Exceptions\ConstraintException
*/
public function getById($id)
{
$query = /** @lang SQL */
'SELECT track_id,
track_userId,
track_source,
track_time,
track_ipv4,
track_ipv6
FROM track
WHERE track_id = ? LIMIT 1';
$Data = new QueryData();
$Data->setMapClassName($this->getDataModel());
$Data->setQuery($query);
$Data->addParam($this->itemData->getTrackId());
$Data->setOnErrorMessage(__('Error al obtener track', false));
return DB::getResults($Data);
}
/**
* @return array
* @throws \SP\Core\Exceptions\QueryException
* @throws \SP\Core\Exceptions\ConstraintException
*/
public function getAll()
{
$query = /** @lang SQL */
'SELECT track_id,
track_userId,
track_source,
track_time,
track_ipv4,
track_ipv6 FROM track';
$Data = new QueryData();
$Data->setMapClassName($this->getDataModel());
$Data->setQuery($query);
$Data->addParam($this->itemData->getTrackId());
$Data->setOnErrorMessage(__('Error al obtener tracks', false));
return DB::getResultsArray($Data);
}
/**
* @param $id int
* @return mixed
*/
public function checkInUse($id)
{
// TODO: Implement checkInUse() method.
}
/**
* @return bool
*/
public function checkDuplicatedOnUpdate()
{
// TODO: Implement checkDuplicatedOnUpdate() method.
}
/**
* @return bool
*/
public function checkDuplicatedOnAdd()
{
// TODO: Implement checkDuplicatedOnAdd() method.
}
/**
* Eliminar elementos en lote
*
* @param array $ids
* @return $this
*/
public function deleteBatch(array $ids)
{
// TODO: Implement deleteBatch() method.
}
/**
* Devolver los elementos con los ids especificados
*
* @param array $ids
* @return mixed
*/
public function getByIdBatch(array $ids)
{
// TODO: Implement getByIdBatch() method.
}
/**
* Devuelve los tracks de un cliente desde un tiempo y origen determinados
*
* @param $time
* @return array
*/
public function getTracksForClientFromTime($time)
{
$query = /** @lang SQL */
'SELECT track_id, track_userId
FROM track
WHERE track_time >= ?
AND (track_ipv4 = ? OR track_ipv6 = ?)
AND track_source = ?';
$Data = new QueryData();
$Data->setMapClassName($this->getDataModel());
$Data->setQuery($query);
$Data->addParam($time);
$Data->addParam($this->itemData->getTrackIpv4Bin());
$Data->addParam($this->itemData->getTrackIpv6Bin());
$Data->addParam($this->itemData->getTrackSource());
$Data->setOnErrorMessage(__('Error al obtener tracks', false));
return DB::getResultsArray($Data);
}
}

65
inc/SP/Mgmt/Tracks/TrackBase.class.php Normal file
View File

@@ -0,0 +1,65 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2017, Rubén Domínguez nuxsmin@$syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*/
namespace SP\Mgmt\Tracks;
defined('APP_ROOT') || die();
use SP\DataModel\TrackData;
use SP\Mgmt\ItemBase;
/**
* Class TrackBase
*
* @package SP\Mgmt\Tracks
*/
abstract class TrackBase extends ItemBase
{
/** @var TrackData */
protected $itemData;
/**
* Track constructor.
*
* @param $itemData
* @throws \SP\Core\Exceptions\InvalidClassException
*/
public function __construct($itemData = null)
{
if (!$this->dataModel) {
$this->setDataModel(TrackData::class);
}
parent::__construct($itemData);
}
/**
* Devolver los datos del elemento
* @return TrackData
*/
public function getItemData()
{
return parent::getItemData();
}
}

4
inc/SP/Storage/DB.class.php
View File

@@ -110,7 +110,7 @@ class DB
} catch (SPException $e) {
$queryData->setQueryStatus($e->getCode());
self::logDBException($queryData->getQuery(), $e->getMessage(), $e->getCode(), __FUNCTION__);
self::logDBException($queryData->getQuery(), $e, __FUNCTION__);
return false;
}
@@ -310,7 +310,7 @@ class DB
$db = new DB();
return $db->doQuery($queryData, true);
} catch (SPException $e) {
self::logDBException($queryData->getQuery(), $e->getMessage(), $e->getCode(), __FUNCTION__);
self::logDBException($queryData->getQuery(), $e, __FUNCTION__);
throw $e;
}

6
inc/SP/Util/Util.class.php
View File

@@ -178,7 +178,7 @@ class Util
*/
public static function getVersionString()
{
return '2.0';
return '2.1';
}
/**
@@ -372,8 +372,8 @@ class Util
*/
public static function getVersion($retBuild = false)
{
$build = '17022101';
$version = [2, 0, 1];
$build = '17022601';
$version = [2, 1, 0];
if ($retBuild) {
$version[] = $build;

BIN
inc/locales/ca_ES/LC_MESSAGES/messages.mo
View File

Binary file not shown.

9146
inc/locales/ca_ES/LC_MESSAGES/messages.po
View File

File diff suppressed because it is too large Load Diff

BIN
inc/locales/de_DE/LC_MESSAGES/messages.mo
View File

Binary file not shown.

1311
inc/locales/de_DE/LC_MESSAGES/messages.po
View File

File diff suppressed because it is too large Load Diff

BIN
inc/locales/en_US/LC_MESSAGES/messages.mo
View File

Binary file not shown.

1556
inc/locales/en_US/LC_MESSAGES/messages.po
View File

File diff suppressed because it is too large Load Diff

BIN
inc/locales/fr_FR/LC_MESSAGES/messages.mo
View File

Binary file not shown.

11084
inc/locales/fr_FR/LC_MESSAGES/messages.po
View File

File diff suppressed because it is too large Load Diff

BIN
inc/locales/po_PO/LC_MESSAGES/messages.mo
View File

Binary file not shown.

9474
inc/locales/po_PO/LC_MESSAGES/messages.po
View File

File diff suppressed because it is too large Load Diff

BIN
inc/locales/ru_RU/LC_MESSAGES/messages.mo
View File

Binary file not shown.

2666
inc/locales/ru_RU/LC_MESSAGES/messages.po
View File

File diff suppressed because it is too large Load Diff

13
inc/sql/20117022101.sql
View File

@@ -10,5 +10,16 @@ ALTER TABLE `usrData`
CHANGE COLUMN `user_mIV` `user_mKey` VARBINARY(1000) NULL DEFAULT NULL;
ALTER TABLE `authTokens`
ADD COLUMN `authtoken_vault` VARBINARY(2000) NULL,
ADD COLUMN `authtoken_hash` VARBINARY(100) NULL;
CHANGE COLUMN `authtoken_hash` `authtoken_hash` VARBINARY(100) NULL;
CREATE TABLE `track` (
`track_id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
`track_userId` SMALLINT(5) UNSIGNED NULL,
`track_source` VARCHAR(100) NOT NULL,
`track_time` INT UNSIGNED NOT NULL,
`track_ipv4` BINARY(4) NOT NULL,
`track_ipv6` BINARY(16) NULL,
PRIMARY KEY (`track_id`),
INDEX `IDX_userId` (`track_userId` ASC),
INDEX `IDX_time-ip-source` (`track_time` ASC, `track_ipv4` ASC, `track_ipv6` ASC, `track_source` ASC)
) ENGINE = InnoDB DEFAULT CHARACTER SET = utf8;

44
inc/sql/dbstructure.sql
View File

@@ -19,7 +19,7 @@ CREATE TABLE `customers` (
`customer_description` varchar(255) DEFAULT NULL,
PRIMARY KEY (`customer_id`),
KEY `IDX_name` (`customer_name`,`customer_hash`)
) ENGINE=InnoDB AUTO_INCREMENT=0 DEFAULT CHARSET=utf8;
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
DROP TABLE IF EXISTS `categories`;
@@ -31,7 +31,7 @@ CREATE TABLE `categories` (
`category_hash` varbinary(40) NOT NULL,
`category_description` varchar(255) DEFAULT NULL,
PRIMARY KEY (`category_id`)
) ENGINE=InnoDB AUTO_INCREMENT=0 DEFAULT CHARSET=utf8;
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
DROP TABLE IF EXISTS `usrGroups`;
@@ -42,7 +42,7 @@ CREATE TABLE `usrGroups` (
`usergroup_name` varchar(50) NOT NULL,
`usergroup_description` varchar(255) DEFAULT NULL,
PRIMARY KEY (`usergroup_id`)
) ENGINE=InnoDB AUTO_INCREMENT=0 DEFAULT CHARSET=utf8;
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
DROP TABLE IF EXISTS `usrProfiles`;
@@ -53,7 +53,7 @@ CREATE TABLE `usrProfiles` (
`userprofile_name` varchar(45) NOT NULL,
`userProfile_profile` blob NOT NULL,
PRIMARY KEY (`userprofile_id`)
) ENGINE=InnoDB AUTO_INCREMENT=0 DEFAULT CHARSET=utf8;
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
DROP TABLE IF EXISTS `usrData`;
@@ -90,7 +90,7 @@ CREATE TABLE `usrData` (
KEY `fk_usrData_profiles_id_idx` (`user_profileId`),
CONSTRAINT `fk_usrData_groups_id` FOREIGN KEY (`user_groupId`) REFERENCES `usrGroups` (`usergroup_id`) ON DELETE RESTRICT ON UPDATE RESTRICT,
CONSTRAINT `fk_usrData_profiles_id` FOREIGN KEY (`user_profileId`) REFERENCES `usrProfiles` (`userprofile_id`) ON DELETE RESTRICT ON UPDATE RESTRICT
) ENGINE=InnoDB AUTO_INCREMENT=0 DEFAULT CHARSET=utf8;
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
DROP TABLE IF EXISTS `accounts`;
@@ -131,7 +131,7 @@ CREATE TABLE `accounts` (
CONSTRAINT `fk_accounts_user_edit_id` FOREIGN KEY (`account_userEditId`) REFERENCES `usrData` (`user_id`) ON DELETE RESTRICT ON UPDATE RESTRICT,
CONSTRAINT `fk_accounts_customer_id` FOREIGN KEY (`account_customerId`) REFERENCES `customers` (`customer_id`) ON DELETE RESTRICT ON UPDATE RESTRICT,
CONSTRAINT `fk_accounts_userGroup_id` FOREIGN KEY (`account_userGroupId`) REFERENCES `usrGroups` (`usergroup_id`) ON DELETE NO ACTION ON UPDATE NO ACTION
) ENGINE=InnoDB AUTO_INCREMENT=0 DEFAULT CHARSET=utf8;
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
DROP TABLE IF EXISTS `accFavorites`;
@@ -161,7 +161,7 @@ CREATE TABLE `accFiles` (
PRIMARY KEY (`accfile_id`),
KEY `IDX_accountId` (`accfile_accountId`),
CONSTRAINT `fk_accFiles_accounts_id` FOREIGN KEY (`accfile_accountId`) REFERENCES `accounts` (`account_id`) ON DELETE NO ACTION ON UPDATE NO ACTION
) ENGINE=InnoDB AUTO_INCREMENT=0 DEFAULT CHARSET=utf8;
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
DROP TABLE IF EXISTS `accGroups`;
@@ -219,7 +219,7 @@ CREATE TABLE `accHistory` (
CONSTRAINT `fk_accHistory_category_id` FOREIGN KEY (`acchistory_categoryId`) REFERENCES `categories` (`category_id`) ON DELETE RESTRICT ON UPDATE RESTRICT,
CONSTRAINT `fk_accHistory_customer_id` FOREIGN KEY (`acchistory_customerId`) REFERENCES `customers` (`customer_id`) ON DELETE RESTRICT ON UPDATE RESTRICT,
CONSTRAINT `fk_accHistory_userGroup_id` FOREIGN KEY (`acchistory_userGroupId`) REFERENCES `usrGroups` (`usergroup_id`) ON DELETE NO ACTION ON UPDATE NO ACTION
) ENGINE=InnoDB AUTO_INCREMENT=0 DEFAULT CHARSET=utf8;
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
DROP TABLE IF EXISTS `tags`;
@@ -232,7 +232,7 @@ CREATE TABLE `tags` (
PRIMARY KEY (`tag_id`),
UNIQUE KEY `tag_hash_UNIQUE` (`tag_hash`),
KEY `IDX_name` (`tag_name`)
) ENGINE=InnoDB AUTO_INCREMENT=0 DEFAULT CHARSET=utf8;
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
DROP TABLE IF EXISTS `accTags`;
@@ -280,7 +280,7 @@ CREATE TABLE `authTokens` (
KEY `fk_authTokens_users_createdby_id` (`authtoken_createdBy`),
CONSTRAINT `fk_authTokens_user_id` FOREIGN KEY (`authtoken_userId`) REFERENCES `usrData` (`user_id`) ON DELETE CASCADE ON UPDATE CASCADE,
CONSTRAINT `fk_authTokens_createdBy_id` FOREIGN KEY (`authtoken_createdBy`) REFERENCES `usrData` (`user_id`) ON DELETE CASCADE ON UPDATE CASCADE
) ENGINE=InnoDB AUTO_INCREMENT=0 DEFAULT CHARSET=utf8;
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
DROP TABLE IF EXISTS `config`;
@@ -337,7 +337,7 @@ CREATE TABLE `log` (
`log_description` text,
`log_level` varchar(20) NOT NULL,
PRIMARY KEY (`log_id`)
) ENGINE=InnoDB AUTO_INCREMENT=0 DEFAULT CHARSET=utf8;
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
DROP TABLE IF EXISTS `publicLinks`;
@@ -393,7 +393,8 @@ CREATE TABLE `plugins` (
`plugin_data` VARBINARY(5000) NULL,
`plugin_enabled` BIT(1) NOT NULL DEFAULT b'0',
PRIMARY KEY (`plugin_id`),
UNIQUE INDEX `plugin_name_UNIQUE` (`plugin_name` ASC));
UNIQUE INDEX `plugin_name_UNIQUE` (`plugin_name` ASC)
) ENGINE = InnoDB DEFAULT CHARACTER SET = utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
DROP TABLE IF EXISTS `notices`;
@@ -411,7 +412,24 @@ CREATE TABLE `notices` (
`notice_onlyAdmin` BIT(1) NULL DEFAULT b'0',
PRIMARY KEY (`notice_id`),
INDEX `IDX_userId` (`notice_userId` ASC, `notice_checked` ASC, `notice_date` ASC),
INDEX `IDX_component` (`notice_component` ASC, `notice_date` ASC, `notice_checked` ASC, `notice_userId` ASC));
INDEX `IDX_component` (`notice_component` ASC, `notice_date` ASC, `notice_checked` ASC, `notice_userId` ASC)
) ENGINE = InnoDB DEFAULT CHARACTER SET = utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
DROP TABLE IF EXISTS `track`;
/*!40101 SET @saved_cs_client = @@character_set_client */;
/*!40101 SET character_set_client = utf8 */;
CREATE TABLE `track` (
`track_id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
`track_userId` SMALLINT(5) UNSIGNED NULL,
`track_source` VARCHAR(100) NOT NULL,
`track_time` INT UNSIGNED NOT NULL,
`track_ipv4` BINARY(4) NOT NULL,
`track_ipv6` BINARY(16) NULL,
PRIMARY KEY (`track_id`),
INDEX `IDX_userId` (`track_userId` ASC),
INDEX `IDX_time-ip-source` (`track_time` ASC, `track_ipv4` ASC, `track_ipv6` ASC, `track_source` ASC)
) ENGINE = InnoDB DEFAULT CHARACTER SET = utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
DROP TABLE IF EXISTS `account_data_v`;

2
inc/themes/material-blue/views/config/backup.inc
View File

@@ -179,7 +179,7 @@
<div id="help_export" class="help-box" title="<?php echo $icons->getIconHelp()->getTitle(); ?>">
<p class="help-text"><?php echo __('La exportación de cuentas permite guardar las cuentas y sus datos en formato XML para posteriormente poder ser importados en otras instancias de sysPass.'); ?></p>
<p class="help-text"><?php echo __('Los elementos exportados son cuentas, clientes y categorías.'); ?></p>
<p class="help-text"><?php echo __('Los elementos exportados son cuentas, clientes, categorías y etiquetas.'); ?></p>
<p class="help-text"><?php echo __('Las claves de las cuentas son exportadas de forma encriptada para mayor seguridad.'); ?></p>

2
inc/themes/material-blue/views/main/upgrade.inc
View File

@@ -105,7 +105,7 @@
<?php endif; ?>
<?php endif; ?>
<?php if ($version < 20117022101): ?>
<?php if ($version < 21017022601): ?>
<div>
<ul class="errors">
<li class="msg-warning">

2
js/app-main.js
View File

@@ -184,7 +184,7 @@ sysPass.Main = function () {
msg.sticky(description);
break;
default:
return;
msg.error(description);
}
}
},

30
js/app-main.min.js vendored
View File

@@ -1,4 +1,4 @@
var $jscomp={scope:{}};$jscomp.defineProperty="function"==typeof Object.defineProperties?Object.defineProperty:function(a,g,f){if(f.get||f.set)throw new TypeError("ES3 does not support getters and setters.");a!=Array.prototype&&a!=Object.prototype&&(a[g]=f.value)};$jscomp.getGlobal=function(a){return"undefined"!=typeof window&&window===a?a:"undefined"!=typeof global&&null!=global?global:a};$jscomp.global=$jscomp.getGlobal(this);$jscomp.SYMBOL_PREFIX="jscomp_symbol_";
var $jscomp={scope:{}};$jscomp.defineProperty="function"==typeof Object.defineProperties?Object.defineProperty:function(a,g,f){if(f.get||f.set)throw new TypeError("ES3 does not support getters and setters.");a!=Array.prototype&&a!=Object.prototype&&(a[g]=f.value)};$jscomp.getGlobal=function(a){return"undefined"!=typeof window&&window===a?a:"undefined"!=typeof global?global:a};$jscomp.global=$jscomp.getGlobal(this);$jscomp.SYMBOL_PREFIX="jscomp_symbol_";
$jscomp.initSymbol=function(){$jscomp.initSymbol=function(){};$jscomp.global.Symbol||($jscomp.global.Symbol=$jscomp.Symbol)};$jscomp.symbolCounter_=0;$jscomp.Symbol=function(a){return $jscomp.SYMBOL_PREFIX+(a||"")+$jscomp.symbolCounter_++};
$jscomp.initSymbolIterator=function(){$jscomp.initSymbol();var a=$jscomp.global.Symbol.iterator;a||(a=$jscomp.global.Symbol.iterator=$jscomp.global.Symbol("iterator"));"function"!=typeof Array.prototype[a]&&$jscomp.defineProperty(Array.prototype,a,{configurable:!0,writable:!0,value:function(){return $jscomp.arrayIterator(this)}});$jscomp.initSymbolIterator=function(){}};$jscomp.arrayIterator=function(a){var g=0;return $jscomp.iteratorPrototype(function(){return g<a.length?{done:!1,value:a[g++]}:{done:!0}})};
$jscomp.iteratorPrototype=function(a){$jscomp.initSymbolIterator();a={next:a};a[$jscomp.global.Symbol.iterator]=function(){return this};return a};$jscomp.array=$jscomp.array||{};$jscomp.iteratorFromArray=function(a,g){$jscomp.initSymbolIterator();a instanceof String&&(a+="");var f=0,c={next:function(){if(f<a.length){var e=f++;return{value:g(e,a[e]),done:!1}}c.next=function(){return{done:!0,value:void 0}};return c.next()}};c[Symbol.iterator]=function(){return c};return c};
@@ -6,17 +6,17 @@ $jscomp.polyfill=function(a,g,f,c){if(g){f=$jscomp.global;a=a.split(".");for(c=0
$jscomp.findInternal=function(a,g,f){a instanceof String&&(a=String(a));for(var c=a.length,e=0;e<c;e++){var m=a[e];if(g.call(f,m,e,a))return{i:e,v:m}}return{i:-1,v:void 0}};$jscomp.polyfill("Array.prototype.find",function(a){return a?a:function(a,f){return $jscomp.findInternal(this,a,f).v}},"es6-impl","es3");
sysPass.Main=function(){var a={APP_ROOT:"",LANG:[],PK:"",MAX_FILE_SIZE:1024,CRYPT:new JSEncrypt,CHECK_UPDATES:!1,TIMEZONE:"",LOCALE:"",DEBUG:""},g={passLength:0,minPasswordLength:8,complexity:{numbers:!0,symbols:!0,uppercase:!0,numlength:12}},f={},c={},e={},m={},q={},n={},k={log:function(b){!0===a.DEBUG&&console.log(b)},info:function(b){!0===a.DEBUG&&console.info(b)},error:function(b){console.error(b)},warn:function(b){console.warn(b)}};toastr.options={closeButton:!0,debug:!1,newestOnTop:!1,progressBar:!1,
positionClass:"toast-top-center",preventDuplicates:!1,onclick:null,showDuration:"300",hideDuration:"1000",timeOut:"5000",extendedTimeOut:"1000",showEasing:"swing",hideEasing:"linear",showMethod:"fadeIn",hideMethod:"fadeOut"};var w=function(){k.info("setupCallbacks");var b=$("#container").data("page");if(""!==b&&"function"===typeof c.views[b])c.views[b]();0<$("footer").length&&c.views.footer();$("#btnBack").click(function(){r("index.php")});c.bodyHooks()},l={ok:function(b){toastr.success(b)},error:function(b){toastr.error(b)},
warn:function(b){toastr.warning(b)},info:function(b){toastr.info(b)},sticky:function(b,h){var d={timeOut:0};"function"===typeof h&&(d.onHidden=h);toastr.warning(b,a.LANG[60],d)},out:function(b){if("object"===typeof b){var a=b.status,d=b.description;void 0!==b.messages&&0<b.messages.length&&(d=d+"<br>"+b.messages.join("<br>"));switch(a){case 0:l.ok(d);break;case 1:case 2:case 4:l.error(d);break;case 3:l.warn(d);break;case 10:e.main.logout();break;case 100:l.ok(d),l.sticky(d)}}},html:{error:function(b){return'<p class="error round">Oops...<br>'+
a.LANG[1]+"<br>"+b+"</p>"}}},x=function(b){k.info("getEnvironment");var h=window.location.pathname.split("/");a.APP_ROOT=window.location.protocol+"//"+window.location.host+function(){for(var b="",a=1;a<=h.length-2;a++)b+="/"+h[a];return b}();var d=m.getRequestOpts();d.url="/ajax/ajax_getEnvironment.php";d.method="get";d.async=!1;d.useLoading=!1;d.data={isAjax:1};m.getActionCall(d,function(d){a.LANG=d.lang;a.PK=d.pk;a.CHECK_UPDATES=d.check_updates;a.CRYPT.setPublicKey(d.pk);a.TIMEZONE=d.timezone;a.LOCALE=
d.locale;a.DEBUG=d.debug;a.MAX_FILE_SIZE=parseInt(d.max_file_size);"function"===typeof b&&b()})},t={get:function(){k.info("sk:get");return $("#container").attr("data-sk")},set:function(a){k.info("sk:set");$("#container").attr("data-sk",a)}},y=function(){var a=$("#container");if(!a.hasClass("content-no-auto-resize")){var h=$("#content").height()+200;a.css("height",h)}},z=function(){$("html, body").animate({scrollTop:0},"slow")},A=function(a){for(var b=[],d,c=window.location.href.slice(window.location.href.indexOf("?")+
1).split("&"),f=0;f<c.length;f++)d=c[f].split("="),b.push(d[0]),b[d[0]]=d[1];return void 0!==a&&void 0!==b[a]?b[a]:b},B=function(){k.info("checkLogout");1===parseInt(A("logout"))&&l.sticky(a.LANG[61],function(){r("index.php")})},r=function(a){window.location.replace(a)},C=function(b){var h={actionId:b.data("action-id"),itemId:b.data("item-id"),sk:t.get()},d={requestDoneAction:"",setRequestData:function(a){$.extend(h,a)},getRequestData:function(){return h},beforeSendAction:"",url:""},f=function(a){if(void 0===
d.url||""===d.url)return!1;var b=new FormData;b.append("inFile",a);b.append("isAjax",1);h.sk=t.get();Object.keys(h).forEach(function(a){b.append(a,h[a])});a=m.getRequestOpts();a.url=d.url;a.processData=!1;a.contentType=!1;a.data=b;m.getActionCall(a,function(a){var b=a.status;a=a.description;0===b?("function"===typeof d.requestDoneAction&&d.requestDoneAction(),l.ok(a)):10===b?e.main.logout():l.error(a)})},c=function(d){if(5<d.length)l.error(a.LANG[17]+" (Max: 5)");else for(var h=0;h<d.length;h++){var p=
d[h];if(p.size/1E3>a.MAX_FILE_SIZE)l.error(a.LANG[18]+"<br>"+p.name+" (Max: "+a.MAX_FILE_SIZE+")");else{var c;a:{c=p.name;for(var g=b.data("files-ext").toLowerCase().split(","),e=0;e<=g.length;e++)if(-1!==c.indexOf(g[e])){c=!0;break a}c=!1}c?f(d[h]):l.error(a.LANG[19]+"<br>"+p.name)}}},g=function(a){var b=$("#fileUploadForm");!1===a&&b.hide();a=b.find("input[type='file']");a.on("change",function(){"function"===typeof d.beforeSendAction&&d.beforeSendAction();c(this.files)});return a};window.File&&
window.FileList&&window.FileReader?function(){k.info("fileUpload:init");var a=g(!1);b.on("dragover dragenter",function(a){k.info("fileUpload:drag");a.stopPropagation();a.preventDefault()});b.on("drop",function(a){k.info("fileUpload:drop");a.stopPropagation();a.preventDefault();"function"===typeof d.beforeSendAction&&d.beforeSendAction();c(a.originalEvent.dataTransfer.files)});b.on("click",function(){a.click()})}():g(!0);return d},D=function(a){k.info("checkPassLevel");g.passLength=a.val().length;
v(zxcvbn(a.val()),a)},v=function(b,h){k.info("outputResult");var d=$(".passLevel-"+h.attr("id")),c=b.score;d.show();d.removeClass("weak good strong strongest");0===g.passLength?d.attr("title","").empty():g.passLength<g.minPasswordLength?d.attr("title",a.LANG[11]).addClass("weak"):0===c?d.attr("title",a.LANG[9]+" - "+b.feedback.warning).addClass("weak"):1===c||2===c?d.attr("title",a.LANG[8]+" - "+b.feedback.warning).addClass("good"):3===c?d.attr("title",a.LANG[7]).addClass("strong"):4===c&&d.attr("title",
a.LANG[10]).addClass("strongest")},E=function(b){$(b).find(".checkbox").button({icons:{primary:"ui-icon-transferthick-e-w"}}).click(function(){var b=$(this);!0===b.prop("checked")?b.button("option","label",a.LANG[40]):b.button("option","label",a.LANG[41])})},u=function(b){k.info("encryptFormValue");var c=b.val();""!==c&&parseInt(b.attr("data-length"))!==c.length&&(c=a.CRYPT.encrypt(c),b.val(c),b.attr("data-length",c.length))},F=function(){k.info("initializeClipboard");var b=new Clipboard(".clip-pass-button",
{text:function(a){return e.account.copypass($(a)).responseJSON.data.accpass}});b.on("success",function(b){l.ok(a.LANG[45])});b.on("error",function(b){l.error(a.LANG[46])});var b=new Clipboard(".dialog-clip-pass-button"),c=new Clipboard(".dialog-clip-user-button");b.on("success",function(a){$(".dialog-user-text").removeClass("dialog-clip-copy");$(".dialog-pass-text").addClass("dialog-clip-copy");a.clearSelection()});c.on("success",function(a){$(".dialog-pass-text").removeClass("dialog-clip-copy");
$(".dialog-user-text").addClass("dialog-clip-copy");a.clearSelection()});(new Clipboard(".clip-pass-icon")).on("success",function(b){l.ok(a.LANG[45]);b.clearSelection()})},G=function(){k.info("bindPassEncrypt");$("body").on("blur",":input[type=password]",function(a){a=$(this);a.hasClass("passwordfield__no-pki")||u(a)}).on("keypress",":input[type=password]",function(a){13===a.keyCode&&(a.preventDefault(),a=$(this),u(a),a.closest("form").submit())})},H=function(a,c){console.info("Eval: "+a);if("function"===
typeof a)a(c);else throw Error("Function not found: "+a);},I=function(a){k.info("resizeImage");var b=.9*$(window).width(),d=.9*$(window).height(),c={width:a.width(),height:a.height()},f={calc:0,main:0,secondary:0,factor:.9,rel:c.width/c.height},g=function(a){a.main>a.secondary?a.calc=a.main/a.rel:a.main<a.secondary&&(a.calc=a.main*a.rel);a.calc>a.secondary&&(a.main*=a.factor,g(a));return a},e=function(){f.main=b;f.secondary=d;var e=g(f);a.css({width:e.main,height:e.calc});c.width=e.main;c.height=
e.calc},l=function(){f.main=d;f.secondary=b;var e=g(f);a.css({width:e.calc,height:e.main});c.width=e.calc;c.height=e.main};c.width>b?e():c.height>d&&(k.info("height"),l());return c},J=function(){return $.extend({log:k,config:function(){return a},appTheme:function(){return f},appActions:function(){return e},appTriggers:function(){return c},appRequests:function(){return m},evalAction:H,resizeImage:I},q)},K=function(){return{actions:function(){return e},triggers:function(){return c},theme:function(){return f},
sk:t,msg:l,log:k,passToClip:0,passwordData:g,outputResult:v,checkboxDetect:E,checkPassLevel:D,encryptFormValue:u,fileUpload:C,redirect:r,scrollUp:z,setContentSize:y}};(function(){k.info("init");q=K();n=J();c=sysPass.Triggers(n);e=sysPass.Actions(n);m=sysPass.Requests(n);x(function(){""!==a.PK&&G();"function"===typeof sysPass.Theme&&(f=sysPass.Theme(n));!0===a.CHECK_UPDATES&&e.main.getUpdates();F();w();B()})})();return q};
warn:function(b){toastr.warning(b)},info:function(b){toastr.info(b)},sticky:function(b,h){var d={timeOut:0};"function"===typeof h&&(d.onHidden=h);toastr.warning(b,a.LANG[60],d)},out:function(b){if("object"===typeof b){var a=b.status,d=b.description;void 0!==b.messages&&0<b.messages.length&&(d=d+"<br>"+b.messages.join("<br>"));switch(a){case 0:l.ok(d);break;case 1:case 2:case 4:l.error(d);break;case 3:l.warn(d);break;case 10:e.main.logout();break;case 100:l.ok(d);l.sticky(d);break;default:l.error(d)}}},
html:{error:function(b){return'<p class="error round">Oops...<br>'+a.LANG[1]+"<br>"+b+"</p>"}}},x=function(b){k.info("getEnvironment");var h=window.location.pathname.split("/");a.APP_ROOT=window.location.protocol+"//"+window.location.host+function(){for(var b="",a=1;a<=h.length-2;a++)b+="/"+h[a];return b}();var d=m.getRequestOpts();d.url="/ajax/ajax_getEnvironment.php";d.method="get";d.async=!1;d.useLoading=!1;d.data={isAjax:1};m.getActionCall(d,function(d){a.LANG=d.lang;a.PK=d.pk;a.CHECK_UPDATES=
d.check_updates;a.CRYPT.setPublicKey(d.pk);a.TIMEZONE=d.timezone;a.LOCALE=d.locale;a.DEBUG=d.debug;a.MAX_FILE_SIZE=parseInt(d.max_file_size);"function"===typeof b&&b()})},t={get:function(){k.info("sk:get");return $("#container").attr("data-sk")},set:function(a){k.info("sk:set");$("#container").attr("data-sk",a)}},y=function(){var a=$("#container");if(!a.hasClass("content-no-auto-resize")){var h=$("#content").height()+200;a.css("height",h)}},z=function(){$("html, body").animate({scrollTop:0},"slow")},
A=function(a){for(var b=[],d,c=window.location.href.slice(window.location.href.indexOf("?")+1).split("&"),f=0;f<c.length;f++)d=c[f].split("="),b.push(d[0]),b[d[0]]=d[1];return void 0!==a&&void 0!==b[a]?b[a]:b},B=function(){k.info("checkLogout");1===parseInt(A("logout"))&&l.sticky(a.LANG[61],function(){r("index.php")})},r=function(a){window.location.replace(a)},C=function(b){var h={actionId:b.data("action-id"),itemId:b.data("item-id"),sk:t.get()},d={requestDoneAction:"",setRequestData:function(a){$.extend(h,
a)},getRequestData:function(){return h},beforeSendAction:"",url:""},f=function(a){if(void 0===d.url||""===d.url)return!1;var b=new FormData;b.append("inFile",a);b.append("isAjax",1);h.sk=t.get();Object.keys(h).forEach(function(a){b.append(a,h[a])});a=m.getRequestOpts();a.url=d.url;a.processData=!1;a.contentType=!1;a.data=b;m.getActionCall(a,function(a){var b=a.status;a=a.description;0===b?("function"===typeof d.requestDoneAction&&d.requestDoneAction(),l.ok(a)):10===b?e.main.logout():l.error(a)})},
c=function(d){if(5<d.length)l.error(a.LANG[17]+" (Max: 5)");else for(var h=0;h<d.length;h++){var p=d[h];if(p.size/1E3>a.MAX_FILE_SIZE)l.error(a.LANG[18]+"<br>"+p.name+" (Max: "+a.MAX_FILE_SIZE+")");else{var c;a:{c=p.name;for(var g=b.data("files-ext").toLowerCase().split(","),e=0;e<=g.length;e++)if(-1!==c.indexOf(g[e])){c=!0;break a}c=!1}c?f(d[h]):l.error(a.LANG[19]+"<br>"+p.name)}}},g=function(a){var b=$("#fileUploadForm");!1===a&&b.hide();a=b.find("input[type='file']");a.on("change",function(){"function"===
typeof d.beforeSendAction&&d.beforeSendAction();c(this.files)});return a};window.File&&window.FileList&&window.FileReader?function(){k.info("fileUpload:init");var a=g(!1);b.on("dragover dragenter",function(a){k.info("fileUpload:drag");a.stopPropagation();a.preventDefault()});b.on("drop",function(a){k.info("fileUpload:drop");a.stopPropagation();a.preventDefault();"function"===typeof d.beforeSendAction&&d.beforeSendAction();c(a.originalEvent.dataTransfer.files)});b.on("click",function(){a.click()})}():
g(!0);return d},D=function(a){k.info("checkPassLevel");g.passLength=a.val().length;v(zxcvbn(a.val()),a)},v=function(b,h){k.info("outputResult");var d=$(".passLevel-"+h.attr("id")),c=b.score;d.show();d.removeClass("weak good strong strongest");0===g.passLength?d.attr("title","").empty():g.passLength<g.minPasswordLength?d.attr("title",a.LANG[11]).addClass("weak"):0===c?d.attr("title",a.LANG[9]+" - "+b.feedback.warning).addClass("weak"):1===c||2===c?d.attr("title",a.LANG[8]+" - "+b.feedback.warning).addClass("good"):
3===c?d.attr("title",a.LANG[7]).addClass("strong"):4===c&&d.attr("title",a.LANG[10]).addClass("strongest")},E=function(b){$(b).find(".checkbox").button({icons:{primary:"ui-icon-transferthick-e-w"}}).click(function(){var b=$(this);!0===b.prop("checked")?b.button("option","label",a.LANG[40]):b.button("option","label",a.LANG[41])})},u=function(b){k.info("encryptFormValue");var c=b.val();""!==c&&parseInt(b.attr("data-length"))!==c.length&&(c=a.CRYPT.encrypt(c),b.val(c),b.attr("data-length",c.length))},
F=function(){k.info("initializeClipboard");var b=new Clipboard(".clip-pass-button",{text:function(a){return e.account.copypass($(a)).responseJSON.data.accpass}});b.on("success",function(b){l.ok(a.LANG[45])});b.on("error",function(b){l.error(a.LANG[46])});var b=new Clipboard(".dialog-clip-pass-button"),c=new Clipboard(".dialog-clip-user-button");b.on("success",function(a){$(".dialog-user-text").removeClass("dialog-clip-copy");$(".dialog-pass-text").addClass("dialog-clip-copy");a.clearSelection()});
c.on("success",function(a){$(".dialog-pass-text").removeClass("dialog-clip-copy");$(".dialog-user-text").addClass("dialog-clip-copy");a.clearSelection()});(new Clipboard(".clip-pass-icon")).on("success",function(b){l.ok(a.LANG[45]);b.clearSelection()})},G=function(){k.info("bindPassEncrypt");$("body").on("blur",":input[type=password]",function(a){a=$(this);a.hasClass("passwordfield__no-pki")||u(a)}).on("keypress",":input[type=password]",function(a){13===a.keyCode&&(a.preventDefault(),a=$(this),u(a),
a.closest("form").submit())})},H=function(a,c){console.info("Eval: "+a);if("function"===typeof a)a(c);else throw Error("Function not found: "+a);},I=function(a){k.info("resizeImage");var b=.9*$(window).width(),d=.9*$(window).height(),c={width:a.width(),height:a.height()},f={calc:0,main:0,secondary:0,factor:.9,rel:c.width/c.height},g=function(a){a.main>a.secondary?a.calc=a.main/a.rel:a.main<a.secondary&&(a.calc=a.main*a.rel);a.calc>a.secondary&&(a.main*=a.factor,g(a));return a},e=function(){f.main=
b;f.secondary=d;var e=g(f);a.css({width:e.main,height:e.calc});c.width=e.main;c.height=e.calc},l=function(){f.main=d;f.secondary=b;var e=g(f);a.css({width:e.calc,height:e.main});c.width=e.calc;c.height=e.main};c.width>b?e():c.height>d&&(k.info("height"),l());return c},J=function(){return $.extend({log:k,config:function(){return a},appTheme:function(){return f},appActions:function(){return e},appTriggers:function(){return c},appRequests:function(){return m},evalAction:H,resizeImage:I},q)},K=function(){return{actions:function(){return e},
triggers:function(){return c},theme:function(){return f},sk:t,msg:l,log:k,passToClip:0,passwordData:g,outputResult:v,checkboxDetect:E,checkPassLevel:D,encryptFormValue:u,fileUpload:C,redirect:r,scrollUp:z,setContentSize:y}};(function(){k.info("init");q=K();n=J();c=sysPass.Triggers(n);e=sysPass.Actions(n);m=sysPass.Requests(n);x(function(){""!==a.PK&&G();"function"===typeof sysPass.Theme&&(f=sysPass.Theme(n));!0===a.CHECK_UPDATES&&e.main.getUpdates();F();w();B()})})();return q};