summaryrefslogtreecommitdiffhomepage
path: root/modules/luci-base/luasrc
AgeCommit message (Collapse)Author
2016-01-15luci-base: initialize CBI optionals on initial Map render (#618)Jo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-01-15Merge pull request #563 from cshore/pull-request-app-uhttpdJo-Philipp Wich
Pull request app uhttpd
2016-01-11luci-base: properly handle ubus connections for non-root (#570, #571)Jo-Philipp Wich
Instead of relying on the connect-before-setuid hack, ship a proper acl definition file whitelisting the procedures that LuCI requires on its non-root pages. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-12-17Merge pull request #464 from remakeelectric/pulls/list-operationsJo-Philipp Wich
get/set list operations and documentation
2015-12-17Merge pull request #577 from cshore/pull-request-safe-file-uploadJo-Philipp Wich
luci-base: Make default for FileUpload 'safe'
2015-12-15validation: Add option ipv4only option to host and hostport datatypesDaniel Dickinson
Some applications only support ipv4 so add ipv4only option to host and hostport datatypes so that for thos applications that when an IP address is specified only and ipv4 ip address gets accepted.
2015-12-15modules/luci-base: Fix ipaddrport validator to support ipv6Daniel Dickinson
The previous versiono of ipaddrport validator only worked for ipv4 due to disallowing colons (:) in ip address which obvious fails for ipv6. We now instead allow either ipv4 address or an ipv6 address of the form [<ipv6address>]:port
2015-12-15luci-base: Make default for FileUpload 'safe'Daniel Dickinson
Some files and pointers to files are not safe to remove without a replacement file and config pointing to the file. For instance for uhttpd application in the works, removing the certificate or key config or files without having the replacements in places renders the WeUI inaccessible. The only other place where FileUpload is currently used is for wifi certificates for which the 'safe' handling is also preferred. Therefore make the default for the FileUpload widget the safe handling and add a property self.unsafeupload that allows for the old unsafe handling should it prove useful in some case. Also allow to specify a file already on router instead of uploading a file. Signed-off By: Daniel Dickinson <openwrt@daniel.thecshore.com>
2015-12-15Merge pull request #564 from cshore/pull-request-app-firewall-timedateJo-Philipp Wich
Pull request app firewall timedate
2015-12-15lib-nixio / luci-base: Fix for reading csrf token prevents file uploadDaniel Dickinson
The call to http.formvalue in order to read the csrf token causes _parse_input to be triggered *before* controllers and cbi maps have been built. This results in the failure of file uploads because the file handler is not yet in place when _parse_input gets called, and it is in _parse_input that POST data is parsed (including files). To fix this we add the ability to write file fields to temporary files (using mkstemp and unlink in nixio.file) and use this to store file data until the filehandler is registered, with a fallback to reading the file data into memory. Once the filehandler callback gets registered we iterate though all previously parsed (saved) files and copy the data to the file handler, and then close the temporary file (which finally removes because we unlinked after creating the file, but didn't close the file so unlink was deferred). Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
2015-12-15validation: Add option ipv4only option to host and hostport datatypesDaniel Dickinson
Some applications only support ipv4 so add ipv4only option to host and hostport datatypes so that for thos applications that when an IP address is specified only and ipv4 ip address gets accepted.
2015-12-15modules/luci-base: Fix ipaddrport validator to support ipv6Daniel Dickinson
The previous versiono of ipaddrport validator only worked for ipv4 due to disallowing colons (:) in ip address which obvious fails for ipv6. We now instead allow either ipv4 address or an ipv6 address of the form [<ipv6address>]:port
2015-12-15luci-base: Make default for FileUpload 'safe'Daniel Dickinson
Some files and pointers to files are not safe to remove without a replacement file and config pointing to the file. For instance for uhttpd application in the works, removing the certificate or key config or files without having the replacements in places renders the WeUI inaccessible. The only other place where FileUpload is currently used is for wifi certificates for which the 'safe' handling is also preferred. Therefore make the default for the FileUpload widget the safe handling and add a property self.unsafeupload that allows for the old unsafe handling should it prove useful in some case. Also allow to specify a file already on router instead of uploading a file. Signed-off By: Daniel Dickinson <openwrt@daniel.thecshore.com>
2015-12-14applications: firewall: Add time and date for rules and redirectsDaniel Dickinson
UCI config for the firewall has the option of specifying time and date limitations; add these options the UI.
2015-12-14luci-base: Add time and data datatypes for use with firewall appDaniel Dickinson
Adding LuCI configuation of the firewall time and data uci options is in progress and this adds the necessary datatypes for validating those fields.
2015-12-12modules/luci-base: Move LuCI FileUpload directory to /etc/luci-uploads and ↵Daniel Dickinson
save across sysupgrade /lib/uci/upload is a rather odd place for configuration files Also the files were not saved across sysupgrade, which is somewhat counter-productive for configuration files. Signed-off By: Daniel Dickinson <openwrt@daniel.thecshore.com>
2015-12-09luci-base: rewrite luci.sys.net.conntrack()Jo-Philipp Wich
The new function is twice as fast as the old implementation and properly summarizes outgoing and incoming byte and packet counters. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-12-02luci-base: fix escaping lua string to js reprYousong Zhou
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2015-12-02luci-base: add hostport and ipaddrport validation typesJo-Philipp Wich
Add two new types 'hostport' and 'ipaddrport' to validate strings in the form 'sub.example.org:1234' and '0.0.0.0:80'. The 'hostport' accepts hostnames or IP addresses followed by a colon and a port number while the 'ipaddrport' type accepts numeric IP addresses only, followed by a colon and a port. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-12-02luci-base: Add function for shell single-quote parameter escapingDaniel Dickinson
When using os.execute or luci.sys.call the shell is called with the command line which means that standard shell interpretation of strings occurs. To allow to use these commands more easily we add functions for properly escaping single-quoted strings used on the command line
2015-11-26Merge pull request #534 from yousong/add-luci-proto-ppposshJo-Philipp Wich
Add luci proto pppossh
2015-11-21luci-base: use board.json to infer switch netdevJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-11-21luci-base: switch to luci-lib-jsoncJo-Philipp Wich
Add dependency on luci-lib-jsonc and use it to reimplement luci.util.serialize_json(). Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-11-17luci-base: eliminate use of uci state vars in luci.model.networkJo-Philipp Wich
Also implement :ipaddrs() and :ip6addrs() helper for network instances. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-11-16luci-base: fix uci documentation issue (#538)Jo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-11-03Redirect to root on empty pathJoel Pedraza
* Prevents an empty Location header * Useful in environments where build_url() could return an empty string (such as http server rewrites requests to /cgi-bin/luci) Signed-off-by: Joel Pedraza <github@saik0.net>
2015-11-03luci-base: add support for DynamicList with FileBrowserYousong Zhou
Two new arguments url, defpath were added to cbi_dynlist_init() for initializing the brower button. An example of usage identity = section:taboption("general", DynamicList, "identity", translate("List of SSH key files for auth")) identity.datatype = "file" Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2015-11-03luci-base: urlencode: encode all except unreserved characters.Yousong Zhou
As per http://tools.ietf.org/html/rfc3986#section-2.3 Characters that are allowed in a URI but do not have a reserved purpose are called unreserved. These include uppercase and lowercase letters, decimal digits, hyphen, period, underscore, and tilde. unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~" Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2015-11-01template cbi/value.htm implement documented property maxlengthChristian Schoenebeck
template cbi/value.htm implement already documented property maxlength Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2015-10-31cbi.lua: Implement "readonly" property for "Value"Christian Schoenebeck
cbi.lua: Implement "readonly" property for "Value" Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2015-10-31template cbi/value.htm: add "readonly" propertyChristian Schoenebeck
template cbi/value.htm: add "readonly" property Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2015-10-30cbi.lua: Implement Flag.validate functionChristian Schoenebeck
cbi.lua - Implement Flag.validate function to be overwritable - rewritten if clause for easier reading ;-) Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2015-10-27luci-base: eliminiate use of uci state vars in luci.sysJo-Philipp Wich
Rewrite `luci.sys.wifi.getiwinfo()` to use the ubus wireless state instead of depreacated uci state vars in order to map abstract network notation to wireless ifnames. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-22luci-base: dispatcher expose test_post_security()Jo-Philipp Wich
Allows external code to perform POST and token checking manually. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-21luci-base: ensure that base url is emitted with trailing slashJo-Philipp Wich
Now that we don't have an url token anymore, '/cgi-bin/luci' becomes a valid url while cookies are restricted to only '/cgi-bin/luci/' and below. In order to ensure that the first request after login refers to a path covered by the authentication cookie, change build_url() to always append a trailing slash if we're referring to the base url. This should fix the login problems mentioned in #516. While we're touching the dispatcher, also remove remaining url token code. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-21luci-base: remove security token from urlsJo-Philipp Wich
Now that sensitive urls require post requests and only accept them if a valid security token is sent along the request, we can drop the global random url token to improve LuCI usability. The main improvement is the ability to use multiple tabs with the same login session, but also deep linking to specific urls without the need for another login becomes feasible, e.g. for documentation purposes. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-20luci-base: filter invalid opkg status linesJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-20luci-base: generalize post security token handlingJo-Philipp Wich
* Add a generic helper function to check need for post / csrf token validation * Remove custom token verification in cbi targets * Support requiring post security depending on specific submit parameters, usable through post_on() action Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-12Timezone information: update to 2015gHannu Nyman
Changes in 2015g: http://mm.icann.org/pipermail/tz-announce/2015-October/000034.html Norfolk moves from +1130 to +1100 on 2015-10-04 at 02:00 local time. Fiji's 2016 fall-back transition is scheduled for January 17, not 24. Fort Nelson, British Columbia will not fall back on 2015-11-01. It has effectively been on MST (-0700) since it advanced its clocks on 2015-03-08. New zone America/Fort_Nelson. Note: the Turkey-related one-time rule change is not apparently catched by the zoneinfo2lua script, so that change is not included in this commit. (Turkey's 2015 fall-back transition is scheduled for Nov. 8, not Oct. 25.) Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2015-10-08luci-base: prevent UCI changes in CBI if form is not in submit stateJo-Philipp Wich
Only process submitted data if the "cbi.submit" parameter is present as the dispatcher will verify the integrity of the CSRF token in this case. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-07Globally replace luci.dispatcher.build_url(...) with url(...) invocationsJo-Philipp Wich
Also concat multiple string arguments into one while we're at it. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-07luci-base: expose luci.dispatcher.build_url() as url() in templatesJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-07luci-base: protect simpleforms with CSRF tokensJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-06luci-base: switch to POST action for service reloadJo-Philipp Wich
Switches the service reload calls to CSRF token protected POST action. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-06luci-base: protect CBI forms with CSRF tokensJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-06luci-base: add support for POST-only actions with CSRF token checkJo-Philipp Wich
Add the dispatcher infrastructure to restrict certain routes to POST requests only in conjunction with verification of CSRF tokens. This is the first step to get rid of the CSRF token in the url in favor to tokens embedded in forms. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-06Globally convert headline anchors into name attributes.Jo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-09-16Luci opkg/packages: Show package size in list of available packagesHannu Nyman
Add package *.ipk size information to package listing in Luci, as opkg was today extended to support listing also the size information. Visible fields are now: name, version, size, description That will help users considering installation of a certain package to assess its size impact on flash. Note: Opkg data includes the size of the .ipk file, not the expanded size. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2015-09-02uci:get_list: always return a table, no matter what.Karl Palsson
Previously, get_list("fake", "non-existent", "notreal") would still return a table, just empty. This is nice, as you can always iterate the returned table, without having to check it first. However, if you happened to pass a nil for any of the parameters, you would actually get a nil in return. This was inconsistent. The documentation is updated to clarify the behaviour of this function. Signed-off-by: Karl Palsson <karlp@remake.is>
2015-09-02uci:set_list: Delete option if the list is emptyKarl Palsson
Allows lists fetched with get_list to be modified and simply passed back to set_list. Explicitly calling set_list() with an empty list is clearly requesting that there be zero list items, ie, deletion of the option altogether. Signed-off-by: Karl Palsson <karlp@remake.is>