This repository has been archived by the owner on Dec 13, 2022. It is now read-only.
[SNYK] Sanitize and bind ACL class queries #11392
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Queries sanitized and bound using PDO statement
spaces between (int) cast and variables
emabassi-ext
requested review from
callapa,
lpinsivy,
kduret,
jeremyjaouen and
a team
kduret
reviewed
Jul 18, 2022
jeremyjaouen
approved these changes
Jul 19, 2022
|
SonarQube Quality Gate
|
100.0% reviewed)
kduret
approved these changes
Jul 20, 2022
emabassi-ext
added a commit
that referenced
this pull request
Jul 20, 2022
* Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters
emabassi-ext
added a commit
that referenced
this pull request
Jul 26, 2022
* Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters
emabassi-ext
added a commit
that referenced
this pull request
Jul 29, 2022
* Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters
emabassi-ext
added a commit
that referenced
this pull request
Jul 29, 2022
* Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters
emabassi-ext
added a commit
that referenced
this pull request
Jul 29, 2022
* Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters
emabassi-ext
added a commit
that referenced
this pull request
Jul 29, 2022
* Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters
emabassi-ext
added a commit
that referenced
this pull request
Jul 31, 2022
* Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters
emabassi-ext
added a commit
that referenced
this pull request
Aug 4, 2022
* Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters
chgautier
added a commit
that referenced
this pull request
Aug 4, 2022
* [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com>
Noha-ElAbrouki
added a commit
that referenced
this pull request
Aug 5, 2022
* [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com>
kduret
added a commit
that referenced
this pull request
Aug 5, 2022
* [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com>
emabassi-ext
added a commit
that referenced
this pull request
Aug 8, 2022
* Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters
tuntoja
added a commit
that referenced
this pull request
Aug 23, 2022
* fix(git): sync dev-21.04.x with 21.04.x (#11526) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11521) * Sanitize and bind ACL host dependency queries * fix issues * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11517) 1122 1153 1134 * removed old variable userCrypted and the use of it (#11334) (#11516) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11506) Refs: MON-14585 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11514) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * [SNYK] Sanitize and bind ACL class queries (#11392) (#11513) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11530) Refs: MON-14039 * doc(ack): acknowledge Hakaï security (#11538) * SNYK: Sanitize and bind ACL actions queries (#11549) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11553) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11566) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11563) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11572) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11554) (#11569) * sanityze 2 insert queries * spaces removed in a query * chore(install): Update version to 21.04.17 * fix(sql): fix query to select contact during ldap import (#11580) Refs: MON-14263 Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: chgautier <cgautier@centreon.com>
chgautier
added a commit
that referenced
this pull request
Aug 25, 2022
* fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com>
chgautier
added a commit
that referenced
this pull request
Aug 26, 2022
* Merge release-22.04.3 into 22.04.x (#11623) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com>
TamazC
added a commit
that referenced
this pull request
Aug 31, 2022
* fix(git): sync dev-21.04.x with 21.04.x (#11526) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11521) * Sanitize and bind ACL host dependency queries * fix issues * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11517) 1122 1153 1134 * removed old variable userCrypted and the use of it (#11334) (#11516) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11506) Refs: MON-14585 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11514) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * [SNYK] Sanitize and bind ACL class queries (#11392) (#11513) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11530) Refs: MON-14039 * doc(ack): acknowledge Hakaï security (#11538) * SNYK: Sanitize and bind ACL actions queries (#11549) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11553) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11566) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11563) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11572) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11554) (#11569) * sanityze 2 insert queries * spaces removed in a query * Fix encoding issue on status serviceXML Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com>
chgautier
added a commit
that referenced
this pull request
Sep 5, 2022
* Merge release-22.04.3 into 22.04.x (#11623) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * chore(release): merge hotfix-MON-14893-index-data (#11681) * fix(upgrade): Correctly Parse SQL Comments (#11658) (#11668) Refs: MON-14848 Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * fix invalid values for index_data.special (#11669) * chore(install):update version to 22.04.4 Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(partition): adapt control of database version (#11609) (#11610) * fix(openid): correctly set contact_location while creating session (#11613) (#11614) * fix(lang): Fixed FR typo (#11621) * enh(UI): Add a “Parent alias“ column on the monitoring resources sta… (#11542) * enh(UI): Add a “Parent alias“ column on the monitoring resources status page (#11190) * Add column ParentAlias * Add new label ParentAlias * Add column ParentAlias and new column component * Add new card to display Parent Alias * Remove tile in Details Panel, enhancement not expected * FIx eslint issue * Fix naming on label parent alias * Add translation * Add line at the end of files * Add line at the end of file * fix issues * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/pt_PT.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/pt_BR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * Fix issue on messages.po file Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * query sanitized in listServiceCategoriesà (#11597) (#11632) * MON-14797 reorganizes dependencies (#11612) * Fix encoding issue on status serviceXML (#11581) * sanitize and bind in centreon connector query (#11635) * sanitize insrert queries in db-func (#11650) MON-14667 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> Co-authored-by: Laurent Pinsivy <lpinsivy@centreon.com> Co-authored-by: jcaro <jcaro@centreon.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> Co-authored-by: Luiz Costa <me@luizgustavo.pro.br> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
tuntoja
added a commit
that referenced
this pull request
Sep 21, 2022
* fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(release):rebase dev-22.04.x on 22.04.x (#11627) * Merge release-22.04.3 into 22.04.x (#11623) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * fix(partition): adapt control of database version (#11609) (#11610) * fix(openid): correctly set contact_location while creating session (#11613) (#11614) * fix(lang): Fixed FR typo (#11621) * enh(UI): Add a “Parent alias“ column on the monitoring resources sta… (#11542) * enh(UI): Add a “Parent alias“ column on the monitoring resources status page (#11190) * Add column ParentAlias * Add new label ParentAlias * Add column ParentAlias and new column component * Add new card to display Parent Alias * Remove tile in Details Panel, enhancement not expected * FIx eslint issue * Fix naming on label parent alias * Add translation * Add line at the end of files * Add line at the end of file * fix issues * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/pt_PT.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/pt_BR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * Fix issue on messages.po file Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * query sanitized in listServiceCategoriesà (#11597) (#11632) * MON-14797 reorganizes dependencies (#11612) * Fix encoding issue on status serviceXML (#11581) * sanitize and bind in centreon connector query (#11635) * sanitize insrert queries in db-func (#11650) MON-14667 * chore(git): update codeowners (#11594) * chore(release):rebase dev-22.04.x on 22.04.x (#11688) * Merge release-22.04.3 into 22.04.x (#11623) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * chore(release): merge hotfix-MON-14893-index-data (#11681) * fix(upgrade): Correctly Parse SQL Comments (#11658) (#11668) Refs: MON-14848 Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * fix invalid values for index_data.special (#11669) * chore(install):update version to 22.04.4 Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(partition): adapt control of database version (#11609) (#11610) * fix(openid): correctly set contact_location while creating session (#11613) (#11614) * fix(lang): Fixed FR typo (#11621) * enh(UI): Add a “Parent alias“ column on the monitoring resources sta… (#11542) * enh(UI): Add a “Parent alias“ column on the monitoring resources status page (#11190) * Add column ParentAlias * Add new label ParentAlias * Add column ParentAlias and new column component * Add new card to display Parent Alias * Remove tile in Details Panel, enhancement not expected * FIx eslint issue * Fix naming on label parent alias * Add translation * Add line at the end of files * Add line at the end of file * fix issues * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/pt_PT.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/pt_BR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * Fix issue on messages.po file Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * query sanitized in listServiceCategoriesà (#11597) (#11632) * MON-14797 reorganizes dependencies (#11612) * Fix encoding issue on status serviceXML (#11581) * sanitize and bind in centreon connector query (#11635) * sanitize insrert queries in db-func (#11650) MON-14667 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> Co-authored-by: Laurent Pinsivy <lpinsivy@centreon.com> Co-authored-by: jcaro <jcaro@centreon.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> Co-authored-by: Luiz Costa <me@luizgustavo.pro.br> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> * fix(details): remove dead code (#11672) (#11686) * fix(conf) fix parent template display in service template listing (#11671) (#11676) * fix(poller): fix remote server duplication (#11552) (#11674) * fix(poller): fix remote server duplication (#11552) Refs: MON-14579 Co-authored-by: Jérémy Jaouen <jjaouen@centreon.com> * fix translation for host and service category (#11626) * fix(clapi): Check that user is admin to use clapi (#11631) (#11640) * Sanitized and bound queries in service argumentsXml fil (#11653) MON-14669 * Sanitize and bind listVirtualMetrics queries (#11647) * sanitize and bind host categories queries (#11645) * Ãbind queries an fix array binding(#11656) * fix(ui): fix svg display in legacy monitoring pages (#11659) (#11690) Refs: MON-14869 * Sanitize and bind service group dependecies queries 22.04.x (#11665) * MON-14425 fix centreon.ini and autoconfigure timezone (#11608) * enh(Resources/header): Display the 2 access pictograms logs and report on details panel (#11618) * Display the 2 access pictograms logs and report on details panel * Update www/front_src/src/Resources/Details/Header.tsx Co-authored-by: JKancel <JKancel@users.noreply.github.com> * Update www/front_src/src/Resources/Details/Header.tsx Co-authored-by: JKancel <JKancel@users.noreply.github.com> Co-authored-by: JKancel <JKancel@users.noreply.github.com> * fix(resource-status): add missing alias to Host detail factory (#11642) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11698) Refs: MON-14919 * fix(install): fix source install with quiet mode related to gorgone vars (#11694) (#11701) Refs: MON-14806 Co-authored-by: Eric Coquard <eric.coquard@gmail.com> * Fix: In Acces group the second select not working [ACL] 22.04.x (#11709) * fix second select not working * applying suggested changes * fix(details): second part of code cleanup for "tools" (#11718) (#11721) * fix (#11724) * FIX: Sanitize and bind graph configuration queries 22.04.x (#11729) * [Fix]:Sanitize and bind queries in template of service listing (#11746) * [Fix]:Sanitize and bind queries in template of service listing * work on tamazC suggestion * fix(resource): Fix bad SQL request (#11702) (#11749) * FIX: Sanitize and bind Meta Service configuration 22.04.x (#11733) * sanitize and bind meta service config * applying suggested changes * Fix: Sanitize and bind CLAPI poller configuration 22.04.x (#11731) * sanitize and bind CLAPI poller config * remove unecessary comment * revert deleted imports * FIX: Sanitize and bind command configuration queries 22.04.x (#11754) * fix(partition): fix condition for database version (#11657) (#11756) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> Co-authored-by: Laurent Pinsivy <lpinsivy@centreon.com> Co-authored-by: jcaro <jcaro@centreon.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> Co-authored-by: Luiz Costa <me@luizgustavo.pro.br> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Jérémy Jaouen <jjaouen@centreon.com> Co-authored-by: JKancel <JKancel@users.noreply.github.com> Co-authored-by: Eric Coquard <eric.coquard@gmail.com>
tuntoja
added a commit
that referenced
this pull request
Sep 21, 2022
* query sanitized in listServiceCategoriesà (#11597) (#11634) * sanitize and bind in centreon connector queriy (#11637) * Sanitize and bind listVirtualMetrics queries (#11649) * sanitize and bind host categories queryà (#11591) (#11646) * sanitize insrert queries in db-func (#11652) MON-14667 * Sanitized and bound queries in service argumentsXml file (#11655) MON-14669 * (fix) service status : encoding issue on status page (#11583) * fix(git): sync dev-21.04.x with 21.04.x (#11526) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11521) * Sanitize and bind ACL host dependency queries * fix issues * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11517) 1122 1153 1134 * removed old variable userCrypted and the use of it (#11334) (#11516) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11506) Refs: MON-14585 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11514) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * [SNYK] Sanitize and bind ACL class queries (#11392) (#11513) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11530) Refs: MON-14039 * doc(ack): acknowledge Hakaï security (#11538) * SNYK: Sanitize and bind ACL actions queries (#11549) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11553) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11566) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11563) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11572) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11554) (#11569) * sanityze 2 insert queries * spaces removed in a query * Fix encoding issue on status serviceXML Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> * Sanitize and bind service group dependecies queries (#11667) * fix(conf) fix parent template display in service template listing (#11671) (#11678) * fix(details): remove dead code (#11672) (#11684) * fix(clapi): Check that user is admin to use clapi (#11631) (#11638) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11700) Refs: MON-14919 * fix(details): second part of code cleanup for "tools" (#11725) * fix(resource): Fix bad SQL request (#11702) (#11751) * chore(install): update version to 21.04.18 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com>
tuntoja
added a commit
that referenced
this pull request
Sep 21, 2022
* Merge release-22.04.3 into 22.04.x (#11623) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * chore(release): merge hotfix-MON-14893-index-data (#11681) * fix(upgrade): Correctly Parse SQL Comments (#11658) (#11668) Refs: MON-14848 Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * fix invalid values for index_data.special (#11669) * chore(install):update version to 22.04.4 Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * chore(release): merge release-22.04.next into 22.04.x (#11821) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(release):rebase dev-22.04.x on 22.04.x (#11627) * Merge release-22.04.3 into 22.04.x (#11623) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * fix(partition): adapt control of database version (#11609) (#11610) * fix(openid): correctly set contact_location while creating session (#11613) (#11614) * fix(lang): Fixed FR typo (#11621) * enh(UI): Add a “Parent alias“ column on the monitoring resources sta… (#11542) * enh(UI): Add a “Parent alias“ column on the monitoring resources status page (#11190) * Add column ParentAlias * Add new label ParentAlias * Add column ParentAlias and new column component * Add new card to display Parent Alias * Remove tile in Details Panel, enhancement not expected * FIx eslint issue * Fix naming on label parent alias * Add translation * Add line at the end of files * Add line at the end of file * fix issues * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/pt_PT.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/pt_BR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * Fix issue on messages.po file Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * query sanitized in listServiceCategoriesà (#11597) (#11632) * MON-14797 reorganizes dependencies (#11612) * Fix encoding issue on status serviceXML (#11581) * sanitize and bind in centreon connector query (#11635) * sanitize insrert queries in db-func (#11650) MON-14667 * chore(git): update codeowners (#11594) * chore(release):rebase dev-22.04.x on 22.04.x (#11688) * Merge release-22.04.3 into 22.04.x (#11623) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * chore(release): merge hotfix-MON-14893-index-data (#11681) * fix(upgrade): Correctly Parse SQL Comments (#11658) (#11668) Refs: MON-14848 Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * fix invalid values for index_data.special (#11669) * chore(install):update version to 22.04.4 Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(partition): adapt control of database version (#11609) (#11610) * fix(openid): correctly set contact_location while creating session (#11613) (#11614) * fix(lang): Fixed FR typo (#11621) * enh(UI): Add a “Parent alias“ column on the monitoring resources sta… (#11542) * enh(UI): Add a “Parent alias“ column on the monitoring resources status page (#11190) * Add column ParentAlias * Add new label ParentAlias * Add column ParentAlias and new column component * Add new card to display Parent Alias * Remove tile in Details Panel, enhancement not expected * FIx eslint issue * Fix naming on label parent alias * Add translation * Add line at the end of files * Add line at the end of file * fix issues * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/pt_PT.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/pt_BR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * Fix issue on messages.po file Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * query sanitized in listServiceCategoriesà (#11597) (#11632) * MON-14797 reorganizes dependencies (#11612) * Fix encoding issue on status serviceXML (#11581) * sanitize and bind in centreon connector query (#11635) * sanitize insrert queries in db-func (#11650) MON-14667 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> Co-authored-by: Laurent Pinsivy <lpinsivy@centreon.com> Co-authored-by: jcaro <jcaro@centreon.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> Co-authored-by: Luiz Costa <me@luizgustavo.pro.br> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> * fix(details): remove dead code (#11672) (#11686) * fix(conf) fix parent template display in service template listing (#11671) (#11676) * fix(poller): fix remote server duplication (#11552) (#11674) * fix(poller): fix remote server duplication (#11552) Refs: MON-14579 Co-authored-by: Jérémy Jaouen <jjaouen@centreon.com> * fix translation for host and service category (#11626) * fix(clapi): Check that user is admin to use clapi (#11631) (#11640) * Sanitized and bound queries in service argumentsXml fil (#11653) MON-14669 * Sanitize and bind listVirtualMetrics queries (#11647) * sanitize and bind host categories queries (#11645) * Ãbind queries an fix array binding(#11656) * fix(ui): fix svg display in legacy monitoring pages (#11659) (#11690) Refs: MON-14869 * Sanitize and bind service group dependecies queries 22.04.x (#11665) * MON-14425 fix centreon.ini and autoconfigure timezone (#11608) * enh(Resources/header): Display the 2 access pictograms logs and report on details panel (#11618) * Display the 2 access pictograms logs and report on details panel * Update www/front_src/src/Resources/Details/Header.tsx Co-authored-by: JKancel <JKancel@users.noreply.github.com> * Update www/front_src/src/Resources/Details/Header.tsx Co-authored-by: JKancel <JKancel@users.noreply.github.com> Co-authored-by: JKancel <JKancel@users.noreply.github.com> * fix(resource-status): add missing alias to Host detail factory (#11642) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11698) Refs: MON-14919 * fix(install): fix source install with quiet mode related to gorgone vars (#11694) (#11701) Refs: MON-14806 Co-authored-by: Eric Coquard <eric.coquard@gmail.com> * Fix: In Acces group the second select not working [ACL] 22.04.x (#11709) * fix second select not working * applying suggested changes * fix(details): second part of code cleanup for "tools" (#11718) (#11721) * fix (#11724) * FIX: Sanitize and bind graph configuration queries 22.04.x (#11729) * [Fix]:Sanitize and bind queries in template of service listing (#11746) * [Fix]:Sanitize and bind queries in template of service listing * work on tamazC suggestion * fix(resource): Fix bad SQL request (#11702) (#11749) * FIX: Sanitize and bind Meta Service configuration 22.04.x (#11733) * sanitize and bind meta service config * applying suggested changes * Fix: Sanitize and bind CLAPI poller configuration 22.04.x (#11731) * sanitize and bind CLAPI poller config * remove unecessary comment * revert deleted imports * FIX: Sanitize and bind command configuration queries 22.04.x (#11754) * fix(partition): fix condition for database version (#11657) (#11756) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> Co-authored-by: Laurent Pinsivy <lpinsivy@centreon.com> Co-authored-by: jcaro <jcaro@centreon.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> Co-authored-by: Luiz Costa <me@luizgustavo.pro.br> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Jérémy Jaouen <jjaouen@centreon.com> Co-authored-by: JKancel <JKancel@users.noreply.github.com> Co-authored-by: Eric Coquard <eric.coquard@gmail.com> * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> Co-authored-by: Laurent Pinsivy <lpinsivy@centreon.com> Co-authored-by: jcaro <jcaro@centreon.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> Co-authored-by: Luiz Costa <me@luizgustavo.pro.br> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Jérémy Jaouen <jjaouen@centreon.com> Co-authored-by: JKancel <JKancel@users.noreply.github.com> Co-authored-by: Eric Coquard <eric.coquard@gmail.com>
tuntoja
added a commit
that referenced
this pull request
Sep 21, 2022
* query sanitized in listServiceCategoriesà (#11597) (#11634) * sanitize and bind in centreon connector queriy (#11637) * Sanitize and bind listVirtualMetrics queries (#11649) * sanitize and bind host categories queryà (#11591) (#11646) * sanitize insrert queries in db-func (#11652) MON-14667 * Sanitized and bound queries in service argumentsXml file (#11655) MON-14669 * (fix) service status : encoding issue on status page (#11583) * fix(git): sync dev-21.04.x with 21.04.x (#11526) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11521) * Sanitize and bind ACL host dependency queries * fix issues * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11517) 1122 1153 1134 * removed old variable userCrypted and the use of it (#11334) (#11516) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11506) Refs: MON-14585 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11514) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * [SNYK] Sanitize and bind ACL class queries (#11392) (#11513) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11530) Refs: MON-14039 * doc(ack): acknowledge Hakaï security (#11538) * SNYK: Sanitize and bind ACL actions queries (#11549) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11553) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11566) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11563) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11572) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11554) (#11569) * sanityze 2 insert queries * spaces removed in a query * Fix encoding issue on status serviceXML Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> * Sanitize and bind service group dependecies queries (#11667) * fix(conf) fix parent template display in service template listing (#11671) (#11678) * fix(details): remove dead code (#11672) (#11684) * fix(clapi): Check that user is admin to use clapi (#11631) (#11638) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11700) Refs: MON-14919 * fix(details): second part of code cleanup for "tools" (#11725) * fix(resource): Fix bad SQL request (#11702) (#11751) * chore(install): update version to 21.04.18 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com>
tuntoja
added a commit
that referenced
this pull request
Oct 3, 2022
* fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(release):rebase dev-22.04.x on 22.04.x (#11627) * Merge release-22.04.3 into 22.04.x (#11623) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * fix(partition): adapt control of database version (#11609) (#11610) * fix(openid): correctly set contact_location while creating session (#11613) (#11614) * fix(lang): Fixed FR typo (#11621) * enh(UI): Add a “Parent alias“ column on the monitoring resources sta… (#11542) * enh(UI): Add a “Parent alias“ column on the monitoring resources status page (#11190) * Add column ParentAlias * Add new label ParentAlias * Add column ParentAlias and new column component * Add new card to display Parent Alias * Remove tile in Details Panel, enhancement not expected * FIx eslint issue * Fix naming on label parent alias * Add translation * Add line at the end of files * Add line at the end of file * fix issues * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/pt_PT.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/pt_BR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * Fix issue on messages.po file Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * query sanitized in listServiceCategoriesà (#11597) (#11632) * MON-14797 reorganizes dependencies (#11612) * Fix encoding issue on status serviceXML (#11581) * sanitize and bind in centreon connector query (#11635) * sanitize insrert queries in db-func (#11650) MON-14667 * chore(git): update codeowners (#11594) * chore(release):rebase dev-22.04.x on 22.04.x (#11688) * Merge release-22.04.3 into 22.04.x (#11623) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * chore(release): merge hotfix-MON-14893-index-data (#11681) * fix(upgrade): Correctly Parse SQL Comments (#11658) (#11668) Refs: MON-14848 Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * fix invalid values for index_data.special (#11669) * chore(install):update version to 22.04.4 Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(partition): adapt control of database version (#11609) (#11610) * fix(openid): correctly set contact_location while creating session (#11613) (#11614) * fix(lang): Fixed FR typo (#11621) * enh(UI): Add a “Parent alias“ column on the monitoring resources sta… (#11542) * enh(UI): Add a “Parent alias“ column on the monitoring resources status page (#11190) * Add column ParentAlias * Add new label ParentAlias * Add column ParentAlias and new column component * Add new card to display Parent Alias * Remove tile in Details Panel, enhancement not expected * FIx eslint issue * Fix naming on label parent alias * Add translation * Add line at the end of files * Add line at the end of file * fix issues * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/pt_PT.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/pt_BR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * Fix issue on messages.po file Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * query sanitized in listServiceCategoriesà (#11597) (#11632) * MON-14797 reorganizes dependencies (#11612) * Fix encoding issue on status serviceXML (#11581) * sanitize and bind in centreon connector query (#11635) * sanitize insrert queries in db-func (#11650) MON-14667 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> Co-authored-by: Laurent Pinsivy <lpinsivy@centreon.com> Co-authored-by: jcaro <jcaro@centreon.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> Co-authored-by: Luiz Costa <me@luizgustavo.pro.br> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> * fix(details): remove dead code (#11672) (#11686) * fix(conf) fix parent template display in service template listing (#11671) (#11676) * fix(poller): fix remote server duplication (#11552) (#11674) * fix(poller): fix remote server duplication (#11552) Refs: MON-14579 Co-authored-by: Jérémy Jaouen <jjaouen@centreon.com> * fix translation for host and service category (#11626) * fix(clapi): Check that user is admin to use clapi (#11631) (#11640) * Sanitized and bound queries in service argumentsXml fil (#11653) MON-14669 * Sanitize and bind listVirtualMetrics queries (#11647) * sanitize and bind host categories queries (#11645) * Ãbind queries an fix array binding(#11656) * fix(ui): fix svg display in legacy monitoring pages (#11659) (#11690) Refs: MON-14869 * Sanitize and bind service group dependecies queries 22.04.x (#11665) * MON-14425 fix centreon.ini and autoconfigure timezone (#11608) * enh(Resources/header): Display the 2 access pictograms logs and report on details panel (#11618) * Display the 2 access pictograms logs and report on details panel * Update www/front_src/src/Resources/Details/Header.tsx Co-authored-by: JKancel <JKancel@users.noreply.github.com> * Update www/front_src/src/Resources/Details/Header.tsx Co-authored-by: JKancel <JKancel@users.noreply.github.com> Co-authored-by: JKancel <JKancel@users.noreply.github.com> * fix(resource-status): add missing alias to Host detail factory (#11642) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11698) Refs: MON-14919 * fix(install): fix source install with quiet mode related to gorgone vars (#11694) (#11701) Refs: MON-14806 Co-authored-by: Eric Coquard <eric.coquard@gmail.com> * Fix: In Acces group the second select not working [ACL] 22.04.x (#11709) * fix second select not working * applying suggested changes * fix(details): second part of code cleanup for "tools" (#11718) (#11721) * fix (#11724) * FIX: Sanitize and bind graph configuration queries 22.04.x (#11729) * [Fix]:Sanitize and bind queries in template of service listing (#11746) * [Fix]:Sanitize and bind queries in template of service listing * work on tamazC suggestion * fix(resource): Fix bad SQL request (#11702) (#11749) * FIX: Sanitize and bind Meta Service configuration 22.04.x (#11733) * sanitize and bind meta service config * applying suggested changes * Fix: Sanitize and bind CLAPI poller configuration 22.04.x (#11731) * sanitize and bind CLAPI poller config * remove unecessary comment * revert deleted imports * FIX: Sanitize and bind command configuration queries 22.04.x (#11754) * fix(partition): fix condition for database version (#11657) (#11756) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * Rebase dev2204x on 2204x (#11824) * Merge release-22.04.3 into 22.04.x (#11623) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * chore(release): merge hotfix-MON-14893-index-data (#11681) * fix(upgrade): Correctly Parse SQL Comments (#11658) (#11668) Refs: MON-14848 Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * fix invalid values for index_data.special (#11669) * chore(install):update version to 22.04.4 Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * chore(release): merge release-22.04.next into 22.04.x (#11821) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on n…
tuntoja
added a commit
that referenced
this pull request
Oct 3, 2022
* query sanitized in listServiceCategoriesà (#11597) (#11634) * sanitize and bind in centreon connector queriy (#11637) * Sanitize and bind listVirtualMetrics queries (#11649) * sanitize and bind host categories queryà (#11591) (#11646) * sanitize insrert queries in db-func (#11652) MON-14667 * Sanitized and bound queries in service argumentsXml file (#11655) MON-14669 * (fix) service status : encoding issue on status page (#11583) * fix(git): sync dev-21.04.x with 21.04.x (#11526) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11521) * Sanitize and bind ACL host dependency queries * fix issues * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11517) 1122 1153 1134 * removed old variable userCrypted and the use of it (#11334) (#11516) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11506) Refs: MON-14585 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11514) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * [SNYK] Sanitize and bind ACL class queries (#11392) (#11513) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11530) Refs: MON-14039 * doc(ack): acknowledge Hakaï security (#11538) * SNYK: Sanitize and bind ACL actions queries (#11549) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11553) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11566) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11563) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11572) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11554) (#11569) * sanityze 2 insert queries * spaces removed in a query * Fix encoding issue on status serviceXML Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> * Sanitize and bind service group dependecies queries (#11667) * fix(conf) fix parent template display in service template listing (#11671) (#11678) * fix(details): remove dead code (#11672) (#11684) * fix(clapi): Check that user is admin to use clapi (#11631) (#11638) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11700) Refs: MON-14919 * fix(details): second part of code cleanup for "tools" (#11725) * fix(resource): Fix bad SQL request (#11702) (#11751) * chore(release): merge release-21.04.next into 21.04.x (#11819) (#11826) * query sanitized in listServiceCategoriesà (#11597) (#11634) * sanitize and bind in centreon connector queriy (#11637) * Sanitize and bind listVirtualMetrics queries (#11649) * sanitize and bind host categories queryà (#11591) (#11646) * sanitize insrert queries in db-func (#11652) MON-14667 * Sanitized and bound queries in service argumentsXml file (#11655) MON-14669 * (fix) service status : encoding issue on status page (#11583) * fix(git): sync dev-21.04.x with 21.04.x (#11526) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11521) * Sanitize and bind ACL host dependency queries * fix issues * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11517) 1122 1153 1134 * removed old variable userCrypted and the use of it (#11334) (#11516) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11506) Refs: MON-14585 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11514) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * [SNYK] Sanitize and bind ACL class queries (#11392) (#11513) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11530) Refs: MON-14039 * doc(ack): acknowledge Hakaï security (#11538) * SNYK: Sanitize and bind ACL actions queries (#11549) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11553) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11566) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11563) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11572) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11554) (#11569) * sanityze 2 insert queries * spaces removed in a query * Fix encoding issue on status serviceXML Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> * Sanitize and bind service group dependecies queries (#11667) * fix(conf) fix parent template display in service template listing (#11671) (#11678) * fix(details): remove dead code (#11672) (#11684) * fix(clapi): Check that user is admin to use clapi (#11631) (#11638) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11700) Refs: MON-14919 * fix(details): second part of code cleanup for "tools" (#11725) * fix(resource): Fix bad SQL request (#11702) (#11751) * chore(install): update version to 21.04.18 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> * FIX: SQLi in poller's broker configuration 21.04.x (#11779) * sanitize and bind pollers broker config queries * applying suggested changes * chore(release): update version to 21.04.19 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com>
tuntoja
added a commit
that referenced
this pull request
Oct 3, 2022
* Merge release-22.04.3 into 22.04.x (#11623) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * chore(release): merge hotfix-MON-14893-index-data (#11681) * fix(upgrade): Correctly Parse SQL Comments (#11658) (#11668) Refs: MON-14848 Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * fix invalid values for index_data.special (#11669) * chore(install):update version to 22.04.4 Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * chore(release): merge release-22.04.next into 22.04.x (#11821) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(release):rebase dev-22.04.x on 22.04.x (#11627) * Merge release-22.04.3 into 22.04.x (#11623) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * fix(partition): adapt control of database version (#11609) (#11610) * fix(openid): correctly set contact_location while creating session (#11613) (#11614) * fix(lang): Fixed FR typo (#11621) * enh(UI): Add a “Parent alias“ column on the monitoring resources sta… (#11542) * enh(UI): Add a “Parent alias“ column on the monitoring resources status page (#11190) * Add column ParentAlias * Add new label ParentAlias * Add column ParentAlias and new column component * Add new card to display Parent Alias * Remove tile in Details Panel, enhancement not expected * FIx eslint issue * Fix naming on label parent alias * Add translation * Add line at the end of files * Add line at the end of file * fix issues * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/pt_PT.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/pt_BR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * Fix issue on messages.po file Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * query sanitized in listServiceCategoriesà (#11597) (#11632) * MON-14797 reorganizes dependencies (#11612) * Fix encoding issue on status serviceXML (#11581) * sanitize and bind in centreon connector query (#11635) * sanitize insrert queries in db-func (#11650) MON-14667 * chore(git): update codeowners (#11594) * chore(release):rebase dev-22.04.x on 22.04.x (#11688) * Merge release-22.04.3 into 22.04.x (#11623) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * chore(release): merge hotfix-MON-14893-index-data (#11681) * fix(upgrade): Correctly Parse SQL Comments (#11658) (#11668) Refs: MON-14848 Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * fix invalid values for index_data.special (#11669) * chore(install):update version to 22.04.4 Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(partition): adapt control of database version (#11609) (#11610) * fix(openid): correctly set contact_location while creating session (#11613) (#11614) * fix(lang): Fixed FR typo (#11621) * enh(UI): Add a “Parent alias“ column on the monitoring resources sta… (#11542) * enh(UI): Add a “Parent alias“ column on the monitoring resources status page (#11190) * Add column ParentAlias * Add new label ParentAlias * Add column ParentAlias and new column component * Add new card to display Parent Alias * Remove tile in Details Panel, enhancement not expected * FIx eslint issue * Fix naming on label parent alias * Add translation * Add line at the end of files * Add line at the end of file * fix issues * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/pt_PT.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/pt_BR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * Fix issue on messages.po file Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * query sanitized in listServiceCategoriesà (#11597) (#11632) * MON-14797 reorganizes dependencies (#11612) * Fix encoding issue on status serviceXML (#11581) * sanitize and bind in centreon connector query (#11635) * sanitize insrert queries in db-func (#11650) MON-14667 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> Co-authored-by: Laurent Pinsivy <lpinsivy@centreon.com> Co-authored-by: jcaro <jcaro@centreon.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> Co-authored-by: Luiz Costa <me@luizgustavo.pro.br> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> * fix(details): remove dead code (#11672) (#11686) * fix(conf) fix parent template display in service template listing (#11671) (#11676) * fix(poller): fix remote server duplication (#11552) (#11674) * fix(poller): fix remote server duplication (#11552) Refs: MON-14579 Co-authored-by: Jérémy Jaouen <jjaouen@centreon.com> * fix translation for host and service category (#11626) * fix(clapi): Check that user is admin to use clapi (#11631) (#11640) * Sanitized and bound queries in service argumentsXml fil (#11653) MON-14669 * Sanitize and bind listVirtualMetrics queries (#11647) * sanitize and bind host categories queries (#11645) * Ãbind queries an fix array binding(#11656) * fix(ui): fix svg display in legacy monitoring pages (#11659) (#11690) Refs: MON-14869 * Sanitize and bind service group dependecies queries 22.04.x (#11665) * MON-14425 fix centreon.ini and autoconfigure timezone (#11608) * enh(Resources/header): Display the 2 access pictograms logs and report on details panel (#11618) * Display the 2 access pictograms logs and report on details panel * Update www/front_src/src/Resources/Details/Header.tsx Co-authored-by: JKancel <JKancel@users.noreply.github.com> * Update www/front_src/src/Resources/Details/Header.tsx Co-authored-by: JKancel <JKancel@users.noreply.github.com> Co-authored-by: JKancel <JKancel@users.noreply.github.com> * fix(resource-status): add missing alias to Host detail factory (#11642) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11698) Refs: MON-14919 * fix(install): fix source install with quiet mode related to gorgone vars (#11694) (#11701) Refs: MON-14806 Co-authored-by: Eric Coquard <eric.coquard@gmail.com> * Fix: In Acces group the second select not working [ACL] 22.04.x (#11709) * fix second select not working * applying suggested changes * fix(details): second part of code cleanup for "tools" (#11718) (#11721) * fix (#11724) * FIX: Sanitize and bind graph configuration queries 22.04.x (#11729) * [Fix]:Sanitize and bind queries in template of service listing (#11746) * [Fix]:Sanitize and bind queries in template of service listing * work on tamazC suggestion * fix(resource): Fix bad SQL request (#11702) (#11749) * FIX: Sanitize and bind Meta Service configuration 22.04.x (#11733) * sanitize and bind meta service config * applying suggested changes * Fix: Sanitize and bind CLAPI poller configuration 22.04.x (#11731) * sanitize and bind CLAPI poller config * remove unecessary comment * revert deleted imports * FIX: Sanitize and bind command configuration queries 22.04.x (#11754) * fix(partition): fix condition for database version (#11657) (#11756) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> Co-authored-by: Laurent Pinsivy <lpinsivy@centreon.com> Co-authored-by: jcaro <jcaro@centreon.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> Co-authored-by: Luiz Costa <me@luizgustavo.pro.br> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Jérémy Jaouen <jjaouen@centreon.com> Co-authored-by: JKancel <JKancel@users.noreply.github.com> Co-authored-by: Eric Coquard <eric.coquard@gmail.com> * chore(release): merge release-22.04.next in 22.04.x (#11911) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries …
chgautier
added a commit
that referenced
this pull request
Oct 3, 2022
* chore(release): merge release-21.04.next into 21.04.x (#11819) * query sanitized in listServiceCategoriesà (#11597) (#11634) * sanitize and bind in centreon connector queriy (#11637) * Sanitize and bind listVirtualMetrics queries (#11649) * sanitize and bind host categories queryà (#11591) (#11646) * sanitize insrert queries in db-func (#11652) MON-14667 * Sanitized and bound queries in service argumentsXml file (#11655) MON-14669 * (fix) service status : encoding issue on status page (#11583) * fix(git): sync dev-21.04.x with 21.04.x (#11526) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11521) * Sanitize and bind ACL host dependency queries * fix issues * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11517) 1122 1153 1134 * removed old variable userCrypted and the use of it (#11334) (#11516) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11506) Refs: MON-14585 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11514) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * [SNYK] Sanitize and bind ACL class queries (#11392) (#11513) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11530) Refs: MON-14039 * doc(ack): acknowledge Hakaï security (#11538) * SNYK: Sanitize and bind ACL actions queries (#11549) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11553) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11566) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11563) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11572) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11554) (#11569) * sanityze 2 insert queries * spaces removed in a query * Fix encoding issue on status serviceXML Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> * Sanitize and bind service group dependecies queries (#11667) * fix(conf) fix parent template display in service template listing (#11671) (#11678) * fix(details): remove dead code (#11672) (#11684) * fix(clapi): Check that user is admin to use clapi (#11631) (#11638) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11700) Refs: MON-14919 * fix(details): second part of code cleanup for "tools" (#11725) * fix(resource): Fix bad SQL request (#11702) (#11751) * chore(install): update version to 21.04.18 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> * chore(release): merge release-21.04.next into 21.04.x (#11909) * query sanitized in listServiceCategoriesà (#11597) (#11634) * sanitize and bind in centreon connector queriy (#11637) * Sanitize and bind listVirtualMetrics queries (#11649) * sanitize and bind host categories queryà (#11591) (#11646) * sanitize insrert queries in db-func (#11652) MON-14667 * Sanitized and bound queries in service argumentsXml file (#11655) MON-14669 * (fix) service status : encoding issue on status page (#11583) * fix(git): sync dev-21.04.x with 21.04.x (#11526) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11521) * Sanitize and bind ACL host dependency queries * fix issues * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11517) 1122 1153 1134 * removed old variable userCrypted and the use of it (#11334) (#11516) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11506) Refs: MON-14585 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11514) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * [SNYK] Sanitize and bind ACL class queries (#11392) (#11513) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11530) Refs: MON-14039 * doc(ack): acknowledge Hakaï security (#11538) * SNYK: Sanitize and bind ACL actions queries (#11549) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11553) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11566) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11563) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11572) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11554) (#11569) * sanityze 2 insert queries * spaces removed in a query * Fix encoding issue on status serviceXML Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> * Sanitize and bind service group dependecies queries (#11667) * fix(conf) fix parent template display in service template listing (#11671) (#11678) * fix(details): remove dead code (#11672) (#11684) * fix(clapi): Check that user is admin to use clapi (#11631) (#11638) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11700) Refs: MON-14919 * fix(details): second part of code cleanup for "tools" (#11725) * fix(resource): Fix bad SQL request (#11702) (#11751) * chore(release): merge release-21.04.next into 21.04.x (#11819) (#11826) * query sanitized in listServiceCategoriesà (#11597) (#11634) * sanitize and bind in centreon connector queriy (#11637) * Sanitize and bind listVirtualMetrics queries (#11649) * sanitize and bind host categories queryà (#11591) (#11646) * sanitize insrert queries in db-func (#11652) MON-14667 * Sanitized and bound queries in service argumentsXml file (#11655) MON-14669 * (fix) service status : encoding issue on status page (#11583) * fix(git): sync dev-21.04.x with 21.04.x (#11526) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11521) * Sanitize and bind ACL host dependency queries * fix issues * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11517) 1122 1153 1134 * removed old variable userCrypted and the use of it (#11334) (#11516) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11506) Refs: MON-14585 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11514) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * [SNYK] Sanitize and bind ACL class queries (#11392) (#11513) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11530) Refs: MON-14039 * doc(ack): acknowledge Hakaï security (#11538) * SNYK: Sanitize and bind ACL actions queries (#11549) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11553) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11566) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11563) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11572) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11554) (#11569) * sanityze 2 insert queries * spaces removed in a query * Fix encoding issue on status serviceXML Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> * Sanitize and bind service group dependecies queries (#11667) * fix(conf) fix parent template display in service template listing (#11671) (#11678) * fix(details): remove dead code (#11672) (#11684) * fix(clapi): Check that user is admin to use clapi (#11631) (#11638) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11700) Refs: MON-14919 * fix(details): second part of code cleanup for "tools" (#11725) * fix(resource): Fix bad SQL request (#11702) (#11751) * chore(install): update version to 21.04.18 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> * FIX: SQLi in poller's broker configuration 21.04.x (#11779) * sanitize and bind pollers broker config queries * applying suggested changes * chore(release): update version to 21.04.19 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> * Update www/install/php/Update-21.04.19.php Co-authored-by: tuntoja <58987095+tuntoja@users.noreply.github.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com>
TamazC
added a commit
that referenced
this pull request
Oct 3, 2022
* fix(conf): fix disabling additive inheritance * Fix: Remove obsolete code in legacy service detail page (#11848) (#11879) * Remove obsolete code in legacy service detail page * restore deleted code * remove obsolete code in legacy service detail page and query sanitizeà * Fix: Sanitize and bind menu topology listing dev-22.04.x (#11882) * Fix: Sanitize and bind menu topology listing (#11832) * sanitize and bind menu topology listing * fix bug in query closing * editing TopologyRepositoryTest file and change the query * typo * changes in phpDoc of query method * fix timezone issue websso (#11900) * Rebase dev2204x on 2204x (#11914) * Merge release-22.04.3 into 22.04.x (#11623) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * chore(release): merge hotfix-MON-14893-index-data (#11681) * fix(upgrade): Correctly Parse SQL Comments (#11658) (#11668) Refs: MON-14848 Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * fix invalid values for index_data.special (#11669) * chore(install):update version to 22.04.4 Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * chore(release): merge release-22.04.next into 22.04.x (#11821) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(release):rebase dev-22.04.x on 22.04.x (#11627) * Merge release-22.04.3 into 22.04.x (#11623) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * fix(partition): adapt control of database version (#11609) (#11610) * fix(openid): correctly set contact_location while creating session (#11613) (#11614) * fix(lang): Fixed FR typo (#11621) * enh(UI): Add a “Parent alias“ column on the monitoring resources sta… (#11542) * enh(UI): Add a “Parent alias“ column on the monitoring resources status page (#11190) * Add column ParentAlias * Add new label ParentAlias * Add column ParentAlias and new column component * Add new card to display Parent Alias * Remove tile in Details Panel, enhancement not expected * FIx eslint issue * Fix naming on label parent alias * Add translation * Add line at the end of files * Add line at the end of file * fix issues * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/pt_PT.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/pt_BR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * Fix issue on messages.po file Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * query sanitized in listServiceCategoriesà (#11597) (#11632) * MON-14797 reorganizes dependencies (#11612) * Fix encoding issue on status serviceXML (#11581) * sanitize and bind in centreon connector query (#11635) * sanitize insrert queries in db-func (#11650) MON-14667 * chore(git): update codeowners (#11594) * chore(release):rebase dev-22.04.x on 22.04.x (#11688) * Merge release-22.04.3 into 22.04.x (#11623) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * chore(release): merge hotfix-MON-14893-index-data (#11681) * fix(upgrade): Correctly Parse SQL Comments (#11658) (#11668) Refs: MON-14848 Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * fix invalid values for index_data.special (#11669) * chore(install):update version to 22.04.4 Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(partition): adapt control of database version (#11609) (#11610) * fix(openid): correctly set contact_location while creating session (#11613) (#11614) * fix(lang): Fixed FR typo (#11621) * enh(UI): Add a “Parent alias“ column on the monitoring resources sta… (#11542) * enh(UI): Add a “Parent alias“ column on the monitoring resources status page (#11190) * Add column ParentAlias * Add new label ParentAlias * Add column ParentAlias and new column component * Add new card to display Parent Alias * Remove tile in Details Panel, enhancement not expected * FIx eslint issue * Fix naming on label parent alias * Add translation * Add line at the end of files * Add line at the end of file * fix issues * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/pt_PT.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/pt_BR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * Fix issue on messages.po file Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * query sanitized in listServiceCategoriesà (#11597) (#11632) * MON-14797 reorganizes dependencies (#11612) * Fix encoding issue on status serviceXML (#11581) * sanitize and bind in centreon connector query (#11635) * sanitize insrert queries in db-func (#11650) MON-14667 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> Co-authored-by: Laurent Pinsivy <lpinsivy@centreon.com> Co-authored-by: jcaro <jcaro@centreon.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> Co-authored-by: Luiz Costa <me@luizgustavo.pro.br> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> * fix(details): remove dead code (#11672) (#11686) * fix(conf) fix parent template display in service template listing (#11671) (#11676) * fix(poller): fix remote server duplication (#11552) (#11674) * fix(poller): fix remote server duplication (#11552) Refs: MON-14579 Co-authored-by: Jérémy Jaouen <jjaouen@centreon.com> * fix translation for host and service category (#11626) * fix(clapi): Check that user is admin to use clapi (#11631) (#11640) * Sanitized and bound queries in service argumentsXml fil (#11653) MON-14669 * Sanitize and bind listVirtualMetrics queries (#11647) * sanitize and bind host categories queries (#11645) * Ãbind queries an fix array binding(#11656) * fix(ui): fix svg display in legacy monitoring pages (#11659) (#11690) Refs: MON-14869 * Sanitize and bind service group dependecies queries 22.04.x (#11665) * MON-14425 fix centreon.ini and autoconfigure timezone (#11608) * enh(Resources/header): Display the 2 access pictograms logs and report on details panel (#11618) * Display the 2 access pictograms logs and report on details panel * Update www/front_src/src/Resources/Details/Header.tsx Co-authored-by: JKancel <JKancel@users.noreply.github.com> * Update www/front_src/src/Resources/Details/Header.tsx Co-authored-by: JKancel <JKancel@users.noreply.github.com> Co-authored-by: JKancel <JKancel@users.noreply.github.com> * fix(resource-status): add missing alias to Host detail factory (#11642) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11698) Refs: MON-14919 * fix(install): fix source install with quiet mode related to gorgone vars (#11694) (#11701) Refs: MON-14806 Co-authored-by: Eric Coquard <eric.coquard@gmail.com> * Fix: In Acces group the second select not working [ACL] 22.04.x (#11709) * fix second select not working * applying suggested changes * fix(details): second part of code cleanup for "tools" (#11718) (#11721) * fix (#11724) * FIX: Sanitize and bind graph configuration queries 22.04.x (#11729) * [Fix]:Sanitize and bind queries in template of service listing (#11746) * [Fix]:Sanitize and bind queries in template of service listing * work on tamazC suggestion * fix(resource): Fix bad SQL request (#11702) (#11749) * FIX: Sanitize and bind Meta Service configuration 22.04.x (#11733) * sanitize and bind meta service config * applying suggested changes * Fix: Sanitize and bind CLAPI poller configuration 22.04.x (#11731) * sanitize and bind CLAPI poller config * remove unecessary comment * revert deleted imports * FIX: Sanitize and bind command configuration queries 22.04.x (#11754) * fix(partition): fix condition for database version (#11657) (#11756) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> Co-authored-by: Laurent Pinsivy <lpinsivy@centreon.com> Co-authored-by: jcaro <jcaro@centreon.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> Co-authored-by: Luiz Costa <me@luizgustavo.pro.br> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Jérémy Jaouen <jjaouen@centreon.com> Co-authored-by: JKancel <JKancel@users.noreply.github.com> Co-authored-by: Eric Coquard <eric.coquard@gmail.com> * chore(release): merge release-22.04.next in 22.04.x (#11911) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234…
tuntoja
added a commit
that referenced
this pull request
Oct 12, 2022
* chore(release): merge release-21.04.next into 21.04.x (#11819) * query sanitized in listServiceCategoriesà (#11597) (#11634) * sanitize and bind in centreon connector queriy (#11637) * Sanitize and bind listVirtualMetrics queries (#11649) * sanitize and bind host categories queryà (#11591) (#11646) * sanitize insrert queries in db-func (#11652) MON-14667 * Sanitized and bound queries in service argumentsXml file (#11655) MON-14669 * (fix) service status : encoding issue on status page (#11583) * fix(git): sync dev-21.04.x with 21.04.x (#11526) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11521) * Sanitize and bind ACL host dependency queries * fix issues * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11517) 1122 1153 1134 * removed old variable userCrypted and the use of it (#11334) (#11516) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11506) Refs: MON-14585 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11514) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * [SNYK] Sanitize and bind ACL class queries (#11392) (#11513) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11530) Refs: MON-14039 * doc(ack): acknowledge Hakaï security (#11538) * SNYK: Sanitize and bind ACL actions queries (#11549) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11553) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11566) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11563) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11572) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11554) (#11569) * sanityze 2 insert queries * spaces removed in a query * Fix encoding issue on status serviceXML Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> * Sanitize and bind service group dependecies queries (#11667) * fix(conf) fix parent template display in service template listing (#11671) (#11678) * fix(details): remove dead code (#11672) (#11684) * fix(clapi): Check that user is admin to use clapi (#11631) (#11638) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11700) Refs: MON-14919 * fix(details): second part of code cleanup for "tools" (#11725) * fix(resource): Fix bad SQL request (#11702) (#11751) * chore(install): update version to 21.04.18 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> * chore(release): merge release-21.04.next into 21.04.x (#11909) * query sanitized in listServiceCategoriesà (#11597) (#11634) * sanitize and bind in centreon connector queriy (#11637) * Sanitize and bind listVirtualMetrics queries (#11649) * sanitize and bind host categories queryà (#11591) (#11646) * sanitize insrert queries in db-func (#11652) MON-14667 * Sanitized and bound queries in service argumentsXml file (#11655) MON-14669 * (fix) service status : encoding issue on status page (#11583) * fix(git): sync dev-21.04.x with 21.04.x (#11526) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11521) * Sanitize and bind ACL host dependency queries * fix issues * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11517) 1122 1153 1134 * removed old variable userCrypted and the use of it (#11334) (#11516) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11506) Refs: MON-14585 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11514) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * [SNYK] Sanitize and bind ACL class queries (#11392) (#11513) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11530) Refs: MON-14039 * doc(ack): acknowledge Hakaï security (#11538) * SNYK: Sanitize and bind ACL actions queries (#11549) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11553) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11566) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11563) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11572) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11554) (#11569) * sanityze 2 insert queries * spaces removed in a query * Fix encoding issue on status serviceXML Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> * Sanitize and bind service group dependecies queries (#11667) * fix(conf) fix parent template display in service template listing (#11671) (#11678) * fix(details): remove dead code (#11672) (#11684) * fix(clapi): Check that user is admin to use clapi (#11631) (#11638) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11700) Refs: MON-14919 * fix(details): second part of code cleanup for "tools" (#11725) * fix(resource): Fix bad SQL request (#11702) (#11751) * chore(release): merge release-21.04.next into 21.04.x (#11819) (#11826) * query sanitized in listServiceCategoriesà (#11597) (#11634) * sanitize and bind in centreon connector queriy (#11637) * Sanitize and bind listVirtualMetrics queries (#11649) * sanitize and bind host categories queryà (#11591) (#11646) * sanitize insrert queries in db-func (#11652) MON-14667 * Sanitized and bound queries in service argumentsXml file (#11655) MON-14669 * (fix) service status : encoding issue on status page (#11583) * fix(git): sync dev-21.04.x with 21.04.x (#11526) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11521) * Sanitize and bind ACL host dependency queries * fix issues * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11517) 1122 1153 1134 * removed old variable userCrypted and the use of it (#11334) (#11516) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11506) Refs: MON-14585 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11514) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * [SNYK] Sanitize and bind ACL class queries (#11392) (#11513) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11530) Refs: MON-14039 * doc(ack): acknowledge Hakaï security (#11538) * SNYK: Sanitize and bind ACL actions queries (#11549) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11553) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11566) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11563) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11572) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11554) (#11569) * sanityze 2 insert queries * spaces removed in a query * Fix encoding issue on status serviceXML Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> * Sanitize and bind service group dependecies queries (#11667) * fix(conf) fix parent template display in service template listing (#11671) (#11678) * fix(details): remove dead code (#11672) (#11684) * fix(clapi): Check that user is admin to use clapi (#11631) (#11638) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11700) Refs: MON-14919 * fix(details): second part of code cleanup for "tools" (#11725) * fix(resource): Fix bad SQL request (#11702) (#11751) * chore(install): update version to 21.04.18 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> * FIX: SQLi in poller's broker configuration 21.04.x (#11779) * sanitize and bind pollers broker config queries * applying suggested changes * chore(release): update version to 21.04.19 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> * Update www/install/php/Update-21.04.19.php Co-authored-by: tuntoja <58987095+tuntoja@users.noreply.github.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com>
tuntoja
added a commit
that referenced
this pull request
Oct 12, 2022
* fix(conf): fix disabling additive inheritance * Fix: Remove obsolete code in legacy service detail page (#11848) (#11879) * Remove obsolete code in legacy service detail page * restore deleted code * remove obsolete code in legacy service detail page and query sanitizeà * Fix: Sanitize and bind menu topology listing dev-22.04.x (#11882) * Fix: Sanitize and bind menu topology listing (#11832) * sanitize and bind menu topology listing * fix bug in query closing * editing TopologyRepositoryTest file and change the query * typo * changes in phpDoc of query method * fix timezone issue websso (#11900) * Rebase dev2204x on 2204x (#11914) * Merge release-22.04.3 into 22.04.x (#11623) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * chore(release): merge hotfix-MON-14893-index-data (#11681) * fix(upgrade): Correctly Parse SQL Comments (#11658) (#11668) Refs: MON-14848 Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * fix invalid values for index_data.special (#11669) * chore(install):update version to 22.04.4 Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * chore(release): merge release-22.04.next into 22.04.x (#11821) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(release):rebase dev-22.04.x on 22.04.x (#11627) * Merge release-22.04.3 into 22.04.x (#11623) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * fix(partition): adapt control of database version (#11609) (#11610) * fix(openid): correctly set contact_location while creating session (#11613) (#11614) * fix(lang): Fixed FR typo (#11621) * enh(UI): Add a “Parent alias“ column on the monitoring resources sta… (#11542) * enh(UI): Add a “Parent alias“ column on the monitoring resources status page (#11190) * Add column ParentAlias * Add new label ParentAlias * Add column ParentAlias and new column component * Add new card to display Parent Alias * Remove tile in Details Panel, enhancement not expected * FIx eslint issue * Fix naming on label parent alias * Add translation * Add line at the end of files * Add line at the end of file * fix issues * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/pt_PT.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/pt_BR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * Fix issue on messages.po file Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * query sanitized in listServiceCategoriesà (#11597) (#11632) * MON-14797 reorganizes dependencies (#11612) * Fix encoding issue on status serviceXML (#11581) * sanitize and bind in centreon connector query (#11635) * sanitize insrert queries in db-func (#11650) MON-14667 * chore(git): update codeowners (#11594) * chore(release):rebase dev-22.04.x on 22.04.x (#11688) * Merge release-22.04.3 into 22.04.x (#11623) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * chore(release): merge hotfix-MON-14893-index-data (#11681) * fix(upgrade): Correctly Parse SQL Comments (#11658) (#11668) Refs: MON-14848 Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * fix invalid values for index_data.special (#11669) * chore(install):update version to 22.04.4 Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(partition): adapt control of database version (#11609) (#11610) * fix(openid): correctly set contact_location while creating session (#11613) (#11614) * fix(lang): Fixed FR typo (#11621) * enh(UI): Add a “Parent alias“ column on the monitoring resources sta… (#11542) * enh(UI): Add a “Parent alias“ column on the monitoring resources status page (#11190) * Add column ParentAlias * Add new label ParentAlias * Add column ParentAlias and new column component * Add new card to display Parent Alias * Remove tile in Details Panel, enhancement not expected * FIx eslint issue * Fix naming on label parent alias * Add translation * Add line at the end of files * Add line at the end of file * fix issues * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/pt_PT.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/pt_BR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * Fix issue on messages.po file Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * query sanitized in listServiceCategoriesà (#11597) (#11632) * MON-14797 reorganizes dependencies (#11612) * Fix encoding issue on status serviceXML (#11581) * sanitize and bind in centreon connector query (#11635) * sanitize insrert queries in db-func (#11650) MON-14667 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> Co-authored-by: Laurent Pinsivy <lpinsivy@centreon.com> Co-authored-by: jcaro <jcaro@centreon.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> Co-authored-by: Luiz Costa <me@luizgustavo.pro.br> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> * fix(details): remove dead code (#11672) (#11686) * fix(conf) fix parent template display in service template listing (#11671) (#11676) * fix(poller): fix remote server duplication (#11552) (#11674) * fix(poller): fix remote server duplication (#11552) Refs: MON-14579 Co-authored-by: Jérémy Jaouen <jjaouen@centreon.com> * fix translation for host and service category (#11626) * fix(clapi): Check that user is admin to use clapi (#11631) (#11640) * Sanitized and bound queries in service argumentsXml fil (#11653) MON-14669 * Sanitize and bind listVirtualMetrics queries (#11647) * sanitize and bind host categories queries (#11645) * Ãbind queries an fix array binding(#11656) * fix(ui): fix svg display in legacy monitoring pages (#11659) (#11690) Refs: MON-14869 * Sanitize and bind service group dependecies queries 22.04.x (#11665) * MON-14425 fix centreon.ini and autoconfigure timezone (#11608) * enh(Resources/header): Display the 2 access pictograms logs and report on details panel (#11618) * Display the 2 access pictograms logs and report on details panel * Update www/front_src/src/Resources/Details/Header.tsx Co-authored-by: JKancel <JKancel@users.noreply.github.com> * Update www/front_src/src/Resources/Details/Header.tsx Co-authored-by: JKancel <JKancel@users.noreply.github.com> Co-authored-by: JKancel <JKancel@users.noreply.github.com> * fix(resource-status): add missing alias to Host detail factory (#11642) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11698) Refs: MON-14919 * fix(install): fix source install with quiet mode related to gorgone vars (#11694) (#11701) Refs: MON-14806 Co-authored-by: Eric Coquard <eric.coquard@gmail.com> * Fix: In Acces group the second select not working [ACL] 22.04.x (#11709) * fix second select not working * applying suggested changes * fix(details): second part of code cleanup for "tools" (#11718) (#11721) * fix (#11724) * FIX: Sanitize and bind graph configuration queries 22.04.x (#11729) * [Fix]:Sanitize and bind queries in template of service listing (#11746) * [Fix]:Sanitize and bind queries in template of service listing * work on tamazC suggestion * fix(resource): Fix bad SQL request (#11702) (#11749) * FIX: Sanitize and bind Meta Service configuration 22.04.x (#11733) * sanitize and bind meta service config * applying suggested changes * Fix: Sanitize and bind CLAPI poller configuration 22.04.x (#11731) * sanitize and bind CLAPI poller config * remove unecessary comment * revert deleted imports * FIX: Sanitize and bind command configuration queries 22.04.x (#11754) * fix(partition): fix condition for database version (#11657) (#11756) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> Co-authored-by: Laurent Pinsivy <lpinsivy@centreon.com> Co-authored-by: jcaro <jcaro@centreon.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> Co-authored-by: Luiz Costa <me@luizgustavo.pro.br> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Jérémy Jaouen <jjaouen@centreon.com> Co-authored-by: JKancel <JKancel@users.noreply.github.com> Co-authored-by: Eric Coquard <eric.coquard@gmail.com> * chore(release): merge release-22.04.next in 22.04.x (#11911) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234…
tuntoja
added a commit
that referenced
this pull request
Oct 13, 2022
* Merge release-22.04.3 into 22.04.x (#11623) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * chore(release): merge hotfix-MON-14893-index-data (#11681) * fix(upgrade): Correctly Parse SQL Comments (#11658) (#11668) Refs: MON-14848 Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * fix invalid values for index_data.special (#11669) * chore(install):update version to 22.04.4 Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * chore(release): merge release-22.04.next into 22.04.x (#11821) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(release):rebase dev-22.04.x on 22.04.x (#11627) * Merge release-22.04.3 into 22.04.x (#11623) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * fix(partition): adapt control of database version (#11609) (#11610) * fix(openid): correctly set contact_location while creating session (#11613) (#11614) * fix(lang): Fixed FR typo (#11621) * enh(UI): Add a “Parent alias“ column on the monitoring resources sta… (#11542) * enh(UI): Add a “Parent alias“ column on the monitoring resources status page (#11190) * Add column ParentAlias * Add new label ParentAlias * Add column ParentAlias and new column component * Add new card to display Parent Alias * Remove tile in Details Panel, enhancement not expected * FIx eslint issue * Fix naming on label parent alias * Add translation * Add line at the end of files * Add line at the end of file * fix issues * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/pt_PT.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/pt_BR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * Fix issue on messages.po file Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * query sanitized in listServiceCategoriesà (#11597) (#11632) * MON-14797 reorganizes dependencies (#11612) * Fix encoding issue on status serviceXML (#11581) * sanitize and bind in centreon connector query (#11635) * sanitize insrert queries in db-func (#11650) MON-14667 * chore(git): update codeowners (#11594) * chore(release):rebase dev-22.04.x on 22.04.x (#11688) * Merge release-22.04.3 into 22.04.x (#11623) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) * fix export graph image after selecting png Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * Fix(platform): Removing appkey key (#11511) * fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327) Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID. This PR aims to remove the restriction on the uniqueness of the OID of a trap. * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528) * fix(test): fix random fails on virtual metric test (#11523) Refs: MON-14359 * fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532) Refs: MON-14496 * fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534) Refs: MON-7417 * fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533) Refs: MON-12296 * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * doc(ack): acknowledge Hakaï security (#11540) * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556) Refs: MON-12828 Co-authored-by: Stéphane Duret <sduret@centreon.com> * SNYK: Sanitize and bind ACL actions queries (#11547) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11550) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11564) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11561) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11570) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11567) * sanityze 2 insert queries * spaces removed in a query * chore(install):Update version to 22.04.3 * fix(sql): fix query to select contact during ldap import (#11578) Refs: MON-14263 * fix(UI): Fix layout for Safari and form validation (#11373) (#11604) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> * chore(release): merge hotfix-MON-14893-index-data (#11681) * fix(upgrade): Correctly Parse SQL Comments (#11658) (#11668) Refs: MON-14848 Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * fix invalid values for index_data.special (#11669) * chore(install):update version to 22.04.4 Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * fix(api): fix call to api on fresh install (#11536) (#11537) Refs: MON-12296 * fix(api): do not init db connection in event subscriber (#11543) (#11545) Refs: MON-12296 * fix(partition): adapt control of database version (#11609) (#11610) * fix(openid): correctly set contact_location while creating session (#11613) (#11614) * fix(lang): Fixed FR typo (#11621) * enh(UI): Add a “Parent alias“ column on the monitoring resources sta… (#11542) * enh(UI): Add a “Parent alias“ column on the monitoring resources status page (#11190) * Add column ParentAlias * Add new label ParentAlias * Add column ParentAlias and new column component * Add new card to display Parent Alias * Remove tile in Details Panel, enhancement not expected * FIx eslint issue * Fix naming on label parent alias * Add translation * Add line at the end of files * Add line at the end of file * fix issues * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/pt_PT.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Tom Darneix <tomdar87@outlook.com> * Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/pt_BR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> * Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * Fix issue on messages.po file Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> * query sanitized in listServiceCategoriesà (#11597) (#11632) * MON-14797 reorganizes dependencies (#11612) * Fix encoding issue on status serviceXML (#11581) * sanitize and bind in centreon connector query (#11635) * sanitize insrert queries in db-func (#11650) MON-14667 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> Co-authored-by: Laurent Pinsivy <lpinsivy@centreon.com> Co-authored-by: jcaro <jcaro@centreon.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> Co-authored-by: Luiz Costa <me@luizgustavo.pro.br> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> * fix(details): remove dead code (#11672) (#11686) * fix(conf) fix parent template display in service template listing (#11671) (#11676) * fix(poller): fix remote server duplication (#11552) (#11674) * fix(poller): fix remote server duplication (#11552) Refs: MON-14579 Co-authored-by: Jérémy Jaouen <jjaouen@centreon.com> * fix translation for host and service category (#11626) * fix(clapi): Check that user is admin to use clapi (#11631) (#11640) * Sanitized and bound queries in service argumentsXml fil (#11653) MON-14669 * Sanitize and bind listVirtualMetrics queries (#11647) * sanitize and bind host categories queries (#11645) * Ãbind queries an fix array binding(#11656) * fix(ui): fix svg display in legacy monitoring pages (#11659) (#11690) Refs: MON-14869 * Sanitize and bind service group dependecies queries 22.04.x (#11665) * MON-14425 fix centreon.ini and autoconfigure timezone (#11608) * enh(Resources/header): Display the 2 access pictograms logs and report on details panel (#11618) * Display the 2 access pictograms logs and report on details panel * Update www/front_src/src/Resources/Details/Header.tsx Co-authored-by: JKancel <JKancel@users.noreply.github.com> * Update www/front_src/src/Resources/Details/Header.tsx Co-authored-by: JKancel <JKancel@users.noreply.github.com> Co-authored-by: JKancel <JKancel@users.noreply.github.com> * fix(resource-status): add missing alias to Host detail factory (#11642) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11698) Refs: MON-14919 * fix(install): fix source install with quiet mode related to gorgone vars (#11694) (#11701) Refs: MON-14806 Co-authored-by: Eric Coquard <eric.coquard@gmail.com> * Fix: In Acces group the second select not working [ACL] 22.04.x (#11709) * fix second select not working * applying suggested changes * fix(details): second part of code cleanup for "tools" (#11718) (#11721) * fix (#11724) * FIX: Sanitize and bind graph configuration queries 22.04.x (#11729) * [Fix]:Sanitize and bind queries in template of service listing (#11746) * [Fix]:Sanitize and bind queries in template of service listing * work on tamazC suggestion * fix(resource): Fix bad SQL request (#11702) (#11749) * FIX: Sanitize and bind Meta Service configuration 22.04.x (#11733) * sanitize and bind meta service config * applying suggested changes * Fix: Sanitize and bind CLAPI poller configuration 22.04.x (#11731) * sanitize and bind CLAPI poller config * remove unecessary comment * revert deleted imports * FIX: Sanitize and bind command configuration queries 22.04.x (#11754) * fix(partition): fix condition for database version (#11657) (#11756) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> Co-authored-by: Laurent Pinsivy <lpinsivy@centreon.com> Co-authored-by: jcaro <jcaro@centreon.com> Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com> Co-authored-by: Bruno d'Auria <bdauria@centreon.com> Co-authored-by: Luiz Costa <me@luizgustavo.pro.br> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Jérémy Jaouen <jjaouen@centreon.com> Co-authored-by: JKancel <JKancel@users.noreply.github.com> Co-authored-by: Eric Coquard <eric.coquard@gmail.com> * chore(release): merge release-22.04.next in 22.04.x (#11911) * fix(git): resync 22.04.x to dev-22.04.x (#11503) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries * fix issues * removed old variable userCrypted and the use of it (#11334) (#11352) Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> * enh(Header/userMenu):reduce spacing user menu (#11393) * update user menu * fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443) * fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399) Refs: MON-14377 * Sanitized and bound queries (#11413) (#11445) lines : 130 -142 * Snyk: Sanitize and bind media sync queries 22.04.x (#11418) * sanitizing and binding sync dir file queries * Applying some fixes * Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395) * Snyk: Sanitize and bind Auth class queries 22.04.x (#11448) * [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440) * fix(UI): Fix layout for Safari and form validation (#11373) * Fix form validation * Fix padlock layout for safari * Update centreon-frontend * Remove debug variable * Fix test * Fix page respsoniveness * Rename variable * update deps * Fix package-lock * Fix package-lock * Add debug statement for debian * Install nodejs rather npm * Attempt fix * Attempt to fix nodejs installation * add sudo * Fix redoc-cli usage * Try to fix permission on npm * Fix * Fix permission * Fix permission (please work) * Fix source * Stop using npx because..... * Allow legacy-peer-deps * Remove nodejs installation * Fix image to pull for debian 11 * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421) 1122 1153 1134 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * feat(api): implement endpoint to update centreon web (#11391) (#11401) Refs: MON-12296 * Clean(platform): Clean appKey method and usage 22.04.x (#11452) * Clean(platform): Clean appKey method and usage (#11336) * removing appKey from information table in baseConf and 22.10 update script * removing appKey from NotifyMasterService.php * removing appKey from CentreonRemoteServer.php * applying suggested changes * Applying suggested changes Co-authored-by: Kevin Duret <kduret@centreon.com> * adding 22.04.2 update script file with changes * revert 22.04 beta 1 script to its original Co-authored-by: Kevin Duret <kduret@centreon.com> * enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461) * changing select with select2 of metrics * fix alignement * remove unecessary files and replace selec by select2 in formComponentTemplate * fix select id name for acceptance tests * update composer for acceptance tests * fix acceptance test 2 * add allow clear to metrics select2 * applying suggested changes * final changes for merging * remove unecessary select tag * [SNYK] Sanitize and bind ACL class queries (#11392) (#11472) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(conf) fix broker conf name display in listing (#11372) (#11376) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: Tom Darneix <tomdar87@outlook.com> Co-authored-by: alaunois <alaunois@centreon.com> * fix(cron): Escape database name in CentACL 22.04.x (#11510) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504) Refs: MON-14585 * fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519) Co-authored-by: VHS <listas.vhs@gmail.com> Co-authored-by: VHS <listas.vhs@gmail.com> * fix(Resources/Graph): export graph image after selecting png (#11491) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394) * Sanitize and bind ACL host dependency queries …
tuntoja
added a commit
that referenced
this pull request
Oct 13, 2022
* chore(release): merge release-21.04.next into 21.04.x (#11819) * query sanitized in listServiceCategoriesà (#11597) (#11634) * sanitize and bind in centreon connector queriy (#11637) * Sanitize and bind listVirtualMetrics queries (#11649) * sanitize and bind host categories queryà (#11591) (#11646) * sanitize insrert queries in db-func (#11652) MON-14667 * Sanitized and bound queries in service argumentsXml file (#11655) MON-14669 * (fix) service status : encoding issue on status page (#11583) * fix(git): sync dev-21.04.x with 21.04.x (#11526) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11521) * Sanitize and bind ACL host dependency queries * fix issues * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11517) 1122 1153 1134 * removed old variable userCrypted and the use of it (#11334) (#11516) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11506) Refs: MON-14585 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11514) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * [SNYK] Sanitize and bind ACL class queries (#11392) (#11513) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11530) Refs: MON-14039 * doc(ack): acknowledge Hakaï security (#11538) * SNYK: Sanitize and bind ACL actions queries (#11549) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11553) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11566) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11563) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11572) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11554) (#11569) * sanityze 2 insert queries * spaces removed in a query * Fix encoding issue on status serviceXML Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> * Sanitize and bind service group dependecies queries (#11667) * fix(conf) fix parent template display in service template listing (#11671) (#11678) * fix(details): remove dead code (#11672) (#11684) * fix(clapi): Check that user is admin to use clapi (#11631) (#11638) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11700) Refs: MON-14919 * fix(details): second part of code cleanup for "tools" (#11725) * fix(resource): Fix bad SQL request (#11702) (#11751) * chore(install): update version to 21.04.18 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> * chore(release): merge release-21.04.next into 21.04.x (#11909) * query sanitized in listServiceCategoriesà (#11597) (#11634) * sanitize and bind in centreon connector queriy (#11637) * Sanitize and bind listVirtualMetrics queries (#11649) * sanitize and bind host categories queryà (#11591) (#11646) * sanitize insrert queries in db-func (#11652) MON-14667 * Sanitized and bound queries in service argumentsXml file (#11655) MON-14669 * (fix) service status : encoding issue on status page (#11583) * fix(git): sync dev-21.04.x with 21.04.x (#11526) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11521) * Sanitize and bind ACL host dependency queries * fix issues * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11517) 1122 1153 1134 * removed old variable userCrypted and the use of it (#11334) (#11516) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11506) Refs: MON-14585 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11514) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * [SNYK] Sanitize and bind ACL class queries (#11392) (#11513) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11530) Refs: MON-14039 * doc(ack): acknowledge Hakaï security (#11538) * SNYK: Sanitize and bind ACL actions queries (#11549) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11553) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11566) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11563) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11572) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11554) (#11569) * sanityze 2 insert queries * spaces removed in a query * Fix encoding issue on status serviceXML Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> * Sanitize and bind service group dependecies queries (#11667) * fix(conf) fix parent template display in service template listing (#11671) (#11678) * fix(details): remove dead code (#11672) (#11684) * fix(clapi): Check that user is admin to use clapi (#11631) (#11638) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11700) Refs: MON-14919 * fix(details): second part of code cleanup for "tools" (#11725) * fix(resource): Fix bad SQL request (#11702) (#11751) * chore(release): merge release-21.04.next into 21.04.x (#11819) (#11826) * query sanitized in listServiceCategoriesà (#11597) (#11634) * sanitize and bind in centreon connector queriy (#11637) * Sanitize and bind listVirtualMetrics queries (#11649) * sanitize and bind host categories queryà (#11591) (#11646) * sanitize insrert queries in db-func (#11652) MON-14667 * Sanitized and bound queries in service argumentsXml file (#11655) MON-14669 * (fix) service status : encoding issue on status page (#11583) * fix(git): sync dev-21.04.x with 21.04.x (#11526) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11521) * Sanitize and bind ACL host dependency queries * fix issues * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11517) 1122 1153 1134 * removed old variable userCrypted and the use of it (#11334) (#11516) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11506) Refs: MON-14585 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11514) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * [SNYK] Sanitize and bind ACL class queries (#11392) (#11513) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11530) Refs: MON-14039 * doc(ack): acknowledge Hakaï security (#11538) * SNYK: Sanitize and bind ACL actions queries (#11549) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11553) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11566) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11563) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11572) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11554) (#11569) * sanityze 2 insert queries * spaces removed in a query * Fix encoding issue on status serviceXML Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> * Sanitize and bind service group dependecies queries (#11667) * fix(conf) fix parent template display in service template listing (#11671) (#11678) * fix(details): remove dead code (#11672) (#11684) * fix(clapi): Check that user is admin to use clapi (#11631) (#11638) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11700) Refs: MON-14919 * fix(details): second part of code cleanup for "tools" (#11725) * fix(resource): Fix bad SQL request (#11702) (#11751) * chore(install): update version to 21.04.18 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> * FIX: SQLi in poller's broker configuration 21.04.x (#11779) * sanitize and bind pollers broker config queries * applying suggested changes * chore(release): update version to 21.04.19 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> * chore(release): merge hotfix-mon-15384 in 21.04.x (#11980) * enh(auth): autologin enhancement (#11958) Refs: MON-15384 * update version to 21.04.20 Co-authored-by: Kevin Duret <kduret@centreon.com> * chore(release):rebase dev-21.04.x on 21.04.x (#11916) * chore(release): merge release-21.04.next into 21.04.x (#11819) * query sanitized in listServiceCategoriesà (#11597) (#11634) * sanitize and bind in centreon connector queriy (#11637) * Sanitize and bind listVirtualMetrics queries (#11649) * sanitize and bind host categories queryà (#11591) (#11646) * sanitize insrert queries in db-func (#11652) MON-14667 * Sanitized and bound queries in service argumentsXml file (#11655) MON-14669 * (fix) service status : encoding issue on status page (#11583) * fix(git): sync dev-21.04.x with 21.04.x (#11526) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11521) * Sanitize and bind ACL host dependency queries * fix issues * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11517) 1122 1153 1134 * removed old variable userCrypted and the use of it (#11334) (#11516) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11506) Refs: MON-14585 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11514) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * [SNYK] Sanitize and bind ACL class queries (#11392) (#11513) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11530) Refs: MON-14039 * doc(ack): acknowledge Hakaï security (#11538) * SNYK: Sanitize and bind ACL actions queries (#11549) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11553) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11566) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11563) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11572) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11554) (#11569) * sanityze 2 insert queries * spaces removed in a query * Fix encoding issue on status serviceXML Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> * Sanitize and bind service group dependecies queries (#11667) * fix(conf) fix parent template display in service template listing (#11671) (#11678) * fix(details): remove dead code (#11672) (#11684) * fix(clapi): Check that user is admin to use clapi (#11631) (#11638) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11700) Refs: MON-14919 * fix(details): second part of code cleanup for "tools" (#11725) * fix(resource): Fix bad SQL request (#11702) (#11751) * chore(install): update version to 21.04.18 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> * chore(release): merge release-21.04.next into 21.04.x (#11909) * query sanitized in listServiceCategoriesà (#11597) (#11634) * sanitize and bind in centreon connector queriy (#11637) * Sanitize and bind listVirtualMetrics queries (#11649) * sanitize and bind host categories queryà (#11591) (#11646) * sanitize insrert queries in db-func (#11652) MON-14667 * Sanitized and bound queries in service argumentsXml file (#11655) MON-14669 * (fix) service status : encoding issue on status page (#11583) * fix(git): sync dev-21.04.x with 21.04.x (#11526) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11521) * Sanitize and bind ACL host dependency queries * fix issues * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11517) 1122 1153 1134 * removed old variable userCrypted and the use of it (#11334) (#11516) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11506) Refs: MON-14585 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11514) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * [SNYK] Sanitize and bind ACL class queries (#11392) (#11513) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11530) Refs: MON-14039 * doc(ack): acknowledge Hakaï security (#11538) * SNYK: Sanitize and bind ACL actions queries (#11549) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11553) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11566) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11563) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11572) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11554) (#11569) * sanityze 2 insert queries * spaces removed in a query * Fix encoding issue on status serviceXML Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> * Sanitize and bind service group dependecies queries (#11667) * fix(conf) fix parent template display in service template listing (#11671) (#11678) * fix(details): remove dead code (#11672) (#11684) * fix(clapi): Check that user is admin to use clapi (#11631) (#11638) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11700) Refs: MON-14919 * fix(details): second part of code cleanup for "tools" (#11725) * fix(resource): Fix bad SQL request (#11702) (#11751) * chore(release): merge release-21.04.next into 21.04.x (#11819) (#11826) * query sanitized in listServiceCategoriesà (#11597) (#11634) * sanitize and bind in centreon connector queriy (#11637) * Sanitize and bind listVirtualMetrics queries (#11649) * sanitize and bind host categories queryà (#11591) (#11646) * sanitize insrert queries in db-func (#11652) MON-14667 * Sanitized and bound queries in service argumentsXml file (#11655) MON-14669 * (fix) service status : encoding issue on status page (#11583) * fix(git): sync dev-21.04.x with 21.04.x (#11526) * [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11521) * Sanitize and bind ACL host dependency queries * fix issues * [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11517) 1122 1153 1134 * removed old variable userCrypted and the use of it (#11334) (#11516) * fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11506) Refs: MON-14585 * [Snyk] Sanitize and bind ACL action access queries (#11385) (#11514) * Sanitize and bind ACL action access queries _ sanitize if possible each variables inserted in a query _ use PDO prepared statement and bind() method _ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc) * fix line length * fix failed checks * [SNYK] Sanitize and bind ACL class queries (#11392) (#11513) * Sanitize and bind ACL class queries Queries sanitized and bound using PDO statement * fix spaces spaces between (int) cast and variables * update file delete spaces after comma * change variables names due to a review * Line exceeds 120 characters; contains 123 characters * fix(pendo): correctly set locale when language is detection by browser (#11484) (#11530) Refs: MON-14039 * doc(ack): acknowledge Hakaï security (#11538) * SNYK: Sanitize and bind ACL actions queries (#11549) * sanitizing and binding acl actions queries * fix missing bind * SNYK: Sanitize and bind Broker listing queries (#11553) * Sanitizing and binding broker listing queries * applying suggested changes * fix(conf) fix encoding in template service listing (#11558) (#11566) * fix encoding * remove useless function * SNYK: Sanitize and bind generateImage queries (#11563) * sanitize and bind generate image queries * adding throw exception * applying suggested changes * Update www/include/views/graphs/generateGraphs/generateImage.php Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * MON-14501 - sanitize query in centreonXmlbgRequest class (#11572) * sanitize query in centreonXmlbgRequest class * add closeCursor func to resolve conv * SNYK: Sanitize and bind Meta-Services dependency queries (#11554) (#11569) * sanityze 2 insert queries * spaces removed in a query * Fix encoding issue on status serviceXML Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> * Sanitize and bind service group dependecies queries (#11667) * fix(conf) fix parent template display in service template listing (#11671) (#11678) * fix(details): remove dead code (#11672) (#11684) * fix(clapi): Check that user is admin to use clapi (#11631) (#11638) * fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11700) Refs: MON-14919 * fix(details): second part of code cleanup for "tools" (#11725) * fix(resource): Fix bad SQL request (#11702) (#11751) * chore(install): update version to 21.04.18 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> * FIX: SQLi in poller's broker configuration 21.04.x (#11779) * sanitize and bind pollers broker config queries * applying suggested changes * chore(release): update version to 21.04.19 Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> * Update www/install/php/Update-21.04.19.php Co-authored-by: tuntoja <58987095+tuntoja@users.noreply.github.com> Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> * fix(web): display command with status$ in the command definition (#11286) (#11903) * fix(web): display command with status$ in the command definition * Update src/Centreon/Domain/Monitoring/CommandLineTrait.php Co-authored-by: Kevin Duret <kduret@centreon.com> * Update unit test * Fix regex replacement in macros command Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: Tamaz Cheishvili <tamazc@yahoo.com> Co-authored-by: Stéphane Duret <sduret@centreon.com> Co-authored-by: Kevin Duret <kduret@centreon.com> * FIX: SQLi in contact groups form 21.04.x (#11890) Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: Kevin Duret <kduret@centreon.com> Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com> Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com> Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com> Co-authored-by: alaunois <alaunois@centreon.com> Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com> Co-authored-by: Laurent Calvet <lcalvet@centreon.com> Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com> Co-authored-by: Stéphane Duret <sduret@centreon.com>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Queries sanitized and bound using PDO statement to reduce attack surface and clean legacy code.
File: www/class/centreonACL.class.php - methods setTopology() and updateACL()
Lines : 410 - 1698 - 1709 - 1736
Fixes # MON-14262
Type of change
Target serie
How this pull request can be tested ?
Using ACL on a non admin user, change access menu, save and logout.
Login again and check that ACL are applied as expected
Checklist
Community contributors & Centreon team