Commit Graph

313 Commits

Author SHA1 Message Date
Pliable Pixels 8e1037458a when regenerating using refresh tokens, username needs to be derived from the refresh token, as no session would exist 2019-05-18 11:23:16 -04:00
Isaac Connor 93aeceecfc Merge branch 'crypt-replacement' of https://github.com/pliablepixels/ZoneMinder into pliablepixels-crypt-replacement 2019-05-17 10:18:15 -04:00
Pliable Pixels 41ae745b17 removed stale code 2019-05-12 18:53:51 -04:00
Pliable Pixels ec279ccc9a make old API auth mechanism optional 2019-05-12 18:51:07 -04:00
Pliable Pixels 881d531fe9 make old API auth optional, on by default 2019-05-12 18:19:19 -04:00
Pliable Pixels 225893fcd6 add mintokenexpiry to DB seek 2019-05-12 05:50:19 -04:00
Pliable Pixels 88d50ec9ca added revoke all tokens code, removed test code 2019-05-11 15:47:57 -04:00
Pliable Pixels 95b448abdd handle case when supplied password is hashed, fix wrong params in AppController 2019-05-10 11:25:55 -04:00
Pliable Pixels 1770ebea23 make sure refresh token login doesn't generate another refresh token 2019-05-08 15:26:51 -04:00
Pliable Pixels 0bc96dfe83 Error out if used did not create an AUTH_HASH_SECRET 2019-05-08 14:26:16 -04:00
Pliable Pixels bc050fe330 support refresh tokens as well for increased security 2019-05-08 13:38:42 -04:00
Pliable Pixels 27e6e46f84 remove allowing auth_hash_ip for token 2019-05-08 12:11:32 -04:00
Pliable Pixels b293592e4c added token validation to zms/zmu/zmuser 2019-05-08 10:55:32 -04:00
Pliable Pixels d36c1f5d3c Add JWT token creation, move old code to a different function for future deprecation, simplified code for ZM_XX parameter reading 2019-05-07 15:04:12 -04:00
Pliable Pixels 0bbc582971 New token= query for JWT 2019-05-07 15:03:13 -04:00
Isaac Connor 5b68ddcc9a add a note deprecating getDiskPercent 2019-04-17 09:55:34 -04:00
Pliable Pixels d270fbd0ad added support for named params to consoleEvents (#2571) 2019-04-09 16:28:46 -04:00
Isaac Connor 3abf263e7a fixup half-merged changes to filter to view in montagereview 2019-04-08 16:57:41 -04:00
Isaac Connor 780f4f9b9a Merge branch 'master' of github.com:zoneminder/ZoneMinder 2019-04-06 09:27:44 -04:00
Isaac Connor 110e5075f4 fix namespace fixes #3566 2019-04-01 17:21:01 -04:00
Isaac Connor fa9803d819 Can't use this->data to avoid another db hit. Must load by id 2019-04-01 10:11:56 -04:00
Isaac Connor b988ce0573 more parentheses to make logic more clear 2019-03-20 14:26:35 -04:00
Isaac Connor a634d8b774 use id instead of this->data when loading Event to delete in API 2019-03-19 17:26:20 -04:00
Isaac Connor 520c41da23 Merge ../ZoneMinder.connortechnology.bad into storageareas 2019-03-18 14:40:03 -04:00
Matthew Noorenberghe abb6ef1688 API: Escape 'named' params for SQLi in two more Event endpoints.
Fixes #2099
2019-03-11 00:21:51 -07:00
Matthew Noorenberghe 056b96f7fc API: Monitor and Event 'index' SQLi. Fixes #2099 2019-03-11 00:21:51 -07:00
Isaac Connor af9c87a112 Merge branch 'master' into storageareas 2019-02-27 10:53:19 -05:00
Isaac Connor 4c35f2910c fix ZM namespace 2019-02-26 18:09:18 -05:00
Isaac Connor df3e11d83c Fix authentication in api because we no longer store the user object in the session 2019-02-26 17:01:45 -05:00
Isaac Connor a00e2381b7 Merge branch 'master' into storageareas 2019-02-26 11:33:29 -05:00
Isaac Connor 92dc7878de
Fix 2340 (#2368)
* include includes/functions.php so that we have access to all it's contents

* add a beforeDelete function which deletes the files.  Add other needed functions like Path() LinkPath() etc.

* add require_once for Storage and functions because we use them in Event

* Now that ZM has namespaces use the ZM Event class to do the heavy lifting of delete

* Don't need functions in AppController anymore
2019-02-26 11:28:56 -05:00
Isaac Connor fbdb5bcb62 Merge branch 'master' into storageareas 2019-02-19 12:06:32 -05:00
Isaac Connor eaa7341935 Add missing / in path to auth.php 2019-02-19 10:07:36 -05:00
Isaac Connor 5029d7214a Merge branch 'master' into storageareas 2019-02-18 17:00:45 -05:00
Isaac Connor 4cd3a93e96 add missing / 2019-02-18 16:30:03 -05:00
Mitch Capper 04c17283ec need to prefix with _dir_ otherwise relative to initial script (#2531) 2019-02-17 11:31:10 -05:00
Isaac Connor 5060358870 Merge branch 'master' into storageareas 2018-12-29 09:56:53 -05:00
Andrew Bauer 3258d8e590 remove ZM_DIR_IMAGES (#2374) 2018-12-29 09:52:58 -05:00
Isaac Connor 27826b4aca Merge branch 'master' into storageareas 2018-12-24 09:48:29 -05:00
Isaac Connor 47465260d1 Update permissions checking for Groups to not use session. Fixes #2353 2018-12-21 10:01:48 -05:00
Isaac Connor e626049f6b Merge branch 'swresample' into storageareas 2018-12-20 14:08:40 -05:00
Pliable Pixels 622c17f628 make sure auth is regenerated each time we call this API (#2347) 2018-12-16 11:02:07 -05:00
Isaac Connor c8c34d3f95 Merge branch 'master' into storageareas 2018-12-11 10:21:22 -05:00
Isaac Connor b3bed9a28a fix whitespace 2018-12-11 10:20:02 -05:00
Isaac Connor 7d90a56561 Merge branch 'master' into storageareas 2018-11-30 14:46:42 -05:00
Pliable Pixels e6b8a7bc66 resolves #2327 2018-11-29 09:21:10 -05:00
Isaac Connor f5328265ef fix missing daemons definition 2018-11-28 09:12:22 -05:00
Isaac Connor 51d8c0ea73 add back daemon parameter, but make it actually work 2018-11-14 12:59:44 -05:00
Isaac Connor 9d8f0fef0c add templates for daemonControl to api 2018-11-14 12:54:40 -05:00
Isaac Connor d671761a35 simplify params to daemonControl since they really aren't being used anyways. Return the status text 2018-11-14 12:54:10 -05:00
Andrew Bauer 6360b84e15
Merge pull request #2288 from connortechnology/add_monitor_status_to_api
rough in adding Monitor_Status to Monitors
2018-11-03 20:46:11 -05:00
Isaac Connor e87ded35f1 rough in adding Monitor_Status to Monitors 2018-10-31 11:08:44 -04:00
ratmole 2b0df3e4e2 API - Disable E_NOTICE from php error reporting in cake debug
Using zmNinja, the API reports E_NOTICE errors

Notice (8): compact(): Undefined variable: subject [CORE/Cake/Utility/ObjectCollection.php, line 128]
Notice (8): compact() [<a href='http://php.net/function.compact'>function.compact</a>]: Undefined variable: subject [CORE/Cake/Utility/ObjectCollection.php, line 128]
Notice (8): compact() [<a href='http://php.net/function.compact'>function.compact</a>]: Undefined variable: subject [CORE/Cake/Utility/ObjectCollection.php, line 128]
Notice (8): compact() [<a href='http://php.net/function.compact'>function.compact</a>]: Undefined variable: subject [CORE/Cake/Utility/ObjectCollection.php, line 128]

and zmNinja will not work...
there is a better way, but i think disabling E_NOTICE error is way easier

see: https://github.com/ZoneMinder/zoneminder/pull/2269
2018-10-31 10:17:36 +02:00
Andrew Bauer 073193e410
Merge pull request #2281 from connortechnology/fix_2279_delete_camera_through_api
Fix 2279 delete camera through api
2018-10-30 07:06:14 -05:00
Isaac Connor 39061038fb Don't include related models in Storage index 2018-10-29 14:40:05 -04:00
Isaac Connor 9a2d58adce We don't store all the permissions in the session anymore. We just use the global user object 2018-10-29 11:03:03 -04:00
Isaac Connor 8878397622 fix spacing 2018-10-20 11:36:25 -04:00
Andrew Bauer 409fd6aa6f
Merge pull request #2232 from connortechnology/fix_2229_getDiskPercent
Fix 2229 get disk percent
2018-10-03 18:11:28 -05:00
Isaac Connor 66221e39ab rough in a StorageController for api 2018-10-03 11:22:51 -04:00
Isaac Connor 12bed9b6ac Use alternate, working test for relative ZM_DIR_EVENTS. Don't use human output from du when specifying mid to be consistent. 2018-10-03 11:11:33 -04:00
Isaac Connor 03f09bdc48 Use defined CONFIG constants instead of looking up config from db 2018-10-03 10:56:02 -04:00
Isaac Connor bf9ff8461c Add WebSite to the Monitor type enumeration 2018-09-24 13:20:19 -04:00
Isaac Connor 23ddc83ad4
fix_2167 (#2168)
* Populate a global  from the session on every request. Use the  object instead of using allowedMonitors in session.

* fix when  gets loaded.

* use  for auth, and add Monitor Edit checks to Zone add/delete/edit

* add back the ZM_OPT_USE_AUTH test for being logged in in AppController

* Update permissions code to use

* change quotes

* Update permission code to use

* Use  instal of session for systemPermission

* deprecate montiorPermision in session

* use  instead of session streamPermission

* move login code back into AppController. Has to be done for every request

* deprecate eventPermission, controlPermission and systemPermission in session.

* handle auth params in query string as well as post

* exit on HUP to free up memory.

* add missing global user

* system should be System
2018-08-08 09:59:46 -04:00
Isaac Connor dc57a3c91c fix spacing/quotes/google code style 2018-07-24 16:41:09 -04:00
Pliable Pixels 997aa6aa55 fixed getCredentials not working if called directly 2018-07-17 13:57:20 -04:00
Pliable Pixels 0ff9002adf 2156 api login (#2157)
* error can be due to bad user or password

* added login/logout and related private functions

* handle case when userLogin fails, current code returns PHP error for  and API throw is not called

* formatting

* converted login params to POST, removed user=&pass= for other APIs

* formatting

* add auth check back but leave out login/out

* fixes to make it work across zmN, postman and curl

* added back enabled check
2018-07-15 21:17:35 -04:00
Isaac Connor fe5ebe094d More work just using auth.php instead of cake code. Don't reload the User object 2018-07-11 11:45:49 -04:00
Isaac Connor 4f80ca6871 Use userLogin function from auth.php instead of cake code. 2018-07-11 10:33:49 -04:00
Isaac Connor 983e3c45be Fix spacing and quotes 2018-07-11 09:54:25 -04:00
Isaac Connor f10509690b add username and passwordHash to Session so that generateAuthHash works 2018-07-11 09:54:15 -04:00
Isaac Connor 21438d17ac Fix authenticating User 2018-07-10 13:19:51 -04:00
Isaac Connor 930d929427 Merge branch 'storageareas' into api_auth 2018-07-10 12:46:30 -04:00
Andrew Bauer 32d103c216 fix submodule again 2018-07-01 08:23:00 -05:00
Andrew Bauer 5d0719f18d fixes #2137 2018-07-01 08:16:06 -05:00
Isaac Connor e04eac57ae Include values in /etc/zm files in viewByName 2018-06-25 15:43:01 -04:00
Isaac Connor 24ceb75936 Merge branch 'master' into include_fs_config_in_api_config 2018-06-21 21:41:54 -04:00
Isaac Connor cd64619743 Fix controlling daemon when the monitor is Local 2018-06-06 12:56:33 -04:00
Isaac Connor af3ce3660f Only unlink if file exists, removing warning. Always return a Storage object in Monitor->Storage() fixes Monitor Delete. 2018-05-24 09:54:45 -04:00
Isaac Connor be424f46f0 Merge branch 'storageareas' of github.com:connortechnology/ZoneMinder into storageareas 2018-05-18 12:07:22 -04:00
Isaac Connor 8276386a44 We always return an associative array now 2018-05-18 09:06:17 -04:00
Isaac 93dd943fec Fix some spacing 2018-05-16 20:17:57 +02:00
Isaac Connor 571b27a025 Merge branch 'storageareas' of github.com:ConnorTechnology/ZoneMinder into storageareas 2018-05-10 14:39:16 -04:00
Isaac Connor c61deb422f update to -zm versions 2018-05-10 14:38:49 -04:00
Isaac Connor 2a5f05499e Munge the config in the global configvals into the configs array before returning it. 2018-05-10 13:44:46 -04:00
Isaac Connor 62edca6dcb add fileSize to the api, and use it to add remote fileSize reporting in includes/Event 2018-05-08 13:33:56 -07:00
Isaac Connor e7bd5900bc rough in a Storage Model 2018-05-07 14:09:05 -07:00
Isaac Connor 1a012c62ff Add fileExists to event view 2018-05-07 14:07:03 -07:00
Isaac Connor 9c44f56f37 Add Storage to belongsTo. Implement Relative_Path and fileExists functions 2018-05-07 14:06:48 -07:00
Isaac Connor f2c099f1e4 Merge branch 'master' of github.com:ZoneMinder/ZoneMinder 2018-05-04 16:01:25 -04:00
Isaac 84c94efaa8 Move redunddant close methods into parent. Use Fatal instead of croak. Croak is not defined so it causes an infinite loop 2018-05-04 02:26:25 +02:00
Pliable Pixels e953a04f61 naming consistency of attribute (#2096) 2018-05-03 14:03:49 -04:00
Pliable Pixels a3158fcc97 auth_key api for different situations (#2090)
* auth_key api for different situations

* added new flag to indicate if password needs to be appended

* pure json view
2018-05-02 12:26:28 -04:00
Isaac Connor c3b6cd4bab include auth.php if auth is on, and return '' for auth_hash is auth is disabled 2018-04-30 11:24:53 -04:00
Isaac Connor a4da624f4c break out of loops when zm-terminate is set 2018-04-27 13:20:38 -07:00
Isaac Connor bbb10fa4b4 Turn off ffmpeg debugging output, as it seems to conflict with the code at zm_db.cpp 34 2018-04-24 12:40:15 -04:00
Isaac Connor 578df0c5cc update submodules 2018-04-20 16:18:58 -04:00
Isaac Connor c65255a067 Merge ../ZoneMinder.connortechnology 2018-04-20 15:56:42 -04:00
Isaac Connor a868bb70ed Better debug when fail to attach images 2018-04-20 15:56:14 -04:00
Isaac Connor fac3cde1e7 Merge branch 'master' of github.com:ZoneMinder/ZoneMinder 2018-04-20 15:23:23 -04:00
Andy Bauer ed140426ab rpm packaging changes and documentation 2018-04-19 15:36:43 -05:00