From 7b30bb7b0d10a3866dc90a909787412262572547 Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Sat, 14 Dec 2019 13:09:22 +0200 Subject: [PATCH] * Admin: optional session-action column in access-log and sessions also no longer update access-log in session-class destructor, as it fails with skipping permanent logging for WebDAV and others --- admin/inc/class.admin_accesslog.inc.php | 5 +-- admin/js/app.js | 2 +- admin/templates/default/accesslog.xet | 3 ++ api/js/framework/fw_browser.js | 2 +- api/js/framework/fw_classes.js | 10 +++-- api/src/Session.php | 54 ++++++++++--------------- json.php | 2 +- 7 files changed, 37 insertions(+), 41 deletions(-) diff --git a/admin/inc/class.admin_accesslog.inc.php b/admin/inc/class.admin_accesslog.inc.php index 7cfbbbcec8..b9a0c83d84 100644 --- a/admin/inc/class.admin_accesslog.inc.php +++ b/admin/inc/class.admin_accesslog.inc.php @@ -5,9 +5,8 @@ * @link http://www.egroupware.org * @author Ralf Becker * @package admin - * @copyright (c) 2009-16 by Ralf Becker + * @copyright (c) 2009-19 by Ralf Becker * @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License - * @version $Id$ */ use EGroupware\Api; @@ -166,7 +165,7 @@ class admin_accesslog 'start' => 0, // IO position in list 'order' => 'li', // IO name of the column to sort after (optional for the sortheaders) 'sort' => 'DESC', // IO direction of the sort: 'ASC' or 'DESC' - //'default_cols' => // I columns to use if there's no user or default pref (! as first char uses all but the named columns), default all columns + 'default_cols' => '!session_action', // I columns to use if there's no user or default pref (! as first char uses all but the named columns), default all columns 'csv_fields' => false, // I false=disable csv export, true or unset=enable it with auto-detected fieldnames, //or array with name=>label or name=>array('label'=>label,'type'=>type) pairs (type is a eT widget-type) 'actions' => $this->get_actions($sessions_list), diff --git a/admin/js/app.js b/admin/js/app.js index c53adb7d31..20e5de52dc 100644 --- a/admin/js/app.js +++ b/admin/js/app.js @@ -176,7 +176,7 @@ app.classes.admin = AppJS.extend( jQuery(this.ajax_target.node).empty(); } this.egw.json( - framework.activeApp.getMenuaction('ajax_exec'), + framework.activeApp.getMenuaction('ajax_exec', _url), // It's important that the context is null, or etemplate2 // won't load the template properly [_url], this._ajax_load_callback,null, true, this diff --git a/admin/templates/default/accesslog.xet b/admin/templates/default/accesslog.xet index 832a8f8379..1e89bc652c 100644 --- a/admin/templates/default/accesslog.xet +++ b/admin/templates/default/accesslog.xet @@ -14,6 +14,7 @@ + @@ -26,6 +27,7 @@ + @@ -42,6 +44,7 @@ + diff --git a/api/js/framework/fw_browser.js b/api/js/framework/fw_browser.js index a9dcec4d3b..de0a28a8f8 100644 --- a/api/js/framework/fw_browser.js +++ b/api/js/framework/fw_browser.js @@ -286,7 +286,7 @@ var fw_browser = (function(){ "use strict"; return Class.extend( jQuery(this.contentDiv).empty(); var self_egw = egw(this.app.appName); var req = self_egw.json( - this.app.getMenuaction('ajax_exec'), + this.app.getMenuaction('ajax_exec', targetUrl), [targetUrl], this.browse_callback,this, true, this ); req.sendRequest(); diff --git a/api/js/framework/fw_classes.js b/api/js/framework/fw_classes.js index 16a501bda9..e18ac247b0 100644 --- a/api/js/framework/fw_classes.js +++ b/api/js/framework/fw_classes.js @@ -12,7 +12,7 @@ ----------------------------*/ /** * application class constructor - * + * * @param {type} _parentFw * @param {type} _appName * @param {type} _displayName @@ -59,8 +59,9 @@ function egw_fw_class_application(_parentFw, _appName, _displayName, _icon, * lie inside the default egw instance. * * @param {string} _fun is the function which shall be called on the server. + * @param {string} _ajax_exec_url contains menuaction for _fun === 'ajax_exec' */ -egw_fw_class_application.prototype.getMenuaction = function(_fun) +egw_fw_class_application.prototype.getMenuaction = function(_fun, _ajax_exec_url) { var baseUrl = ''; var appName = 'home'; @@ -79,8 +80,11 @@ egw_fw_class_application.prototype.getMenuaction = function(_fun) baseUrl = baseUrl + 'json.php?menuaction='; } + var menuaction = _ajax_exec_url ? _ajax_exec_url.match(/menuaction=([^&]+)/) : null; + // use template handler to call current framework, eg. pixelegg - return baseUrl + appName + '.jdots_framework.' + _fun + '.template'; + return baseUrl + appName + '.jdots_framework.' + _fun + '.template'+ + (menuaction ? '.'+menuaction[1] : ''); }; /** diff --git a/api/src/Session.php b/api/src/Session.php index 7ecdf1a907..41faf5f5a3 100644 --- a/api/src/Session.php +++ b/api/src/Session.php @@ -282,12 +282,6 @@ class Session */ function __destruct() { - // write dla update on destruct, allows to modify session action by calling Session::set_action() - if (!isset($GLOBALS['egw_info']['flags']['no_dla_update']) || !$GLOBALS['egw_info']['flags']['no_dla_update']) - { - $this->update_dla(true); - } - self::encrypt($this->kp3); } @@ -1301,7 +1295,7 @@ class Session // allow xajax / notifications to not update the dla, so sessions can time out again if (!isset($GLOBALS['egw_info']['flags']['no_dla_update']) || !$GLOBALS['egw_info']['flags']['no_dla_update']) { - $this->update_dla(); + $this->update_dla(true); } elseif ($GLOBALS['egw_info']['flags']['currentapp'] == 'notifications') { @@ -1774,33 +1768,29 @@ class Session private function update_dla($update_access_log=false) { // This way XML-RPC users aren't always listed as xmlrpc.php - if (!$update_access_log) + if (isset($_GET['menuaction'])) { - if ($this->xmlrpc_method_called) - { - $action = $this->xmlrpc_method_called; - } - elseif (isset($_GET['menuaction'])) - { - $action = $_GET['menuaction']; - } - else - { - $action = $_SERVER['PHP_SELF']; - // remove EGroupware path, if not installed in webroot - $egw_path = $GLOBALS['egw_info']['server']['webserver_url']; - if ($egw_path[0] != '/') $egw_path = parse_url($egw_path,PHP_URL_PATH); - if ($action == '/Microsoft-Server-ActiveSync') - { - $action .= '?Cmd='.$_GET['Cmd'].'&DeviceId='.$_GET['DeviceId']; - } - elseif ($egw_path) - { - list(,$action) = explode($egw_path,$action,2); - } - } - $this->set_action($action); + list(, $action) = explode('.ajax_exec.template.', $_GET['menuaction']); + + if (empty($action)) $action = $_GET['menuaction']; } + else + { + $action = $_SERVER['PHP_SELF']; + // remove EGroupware path, if not installed in webroot + $egw_path = $GLOBALS['egw_info']['server']['webserver_url']; + if ($egw_path[0] != '/') $egw_path = parse_url($egw_path,PHP_URL_PATH); + if ($action == '/Microsoft-Server-ActiveSync') + { + $action .= '?Cmd='.$_GET['Cmd'].'&DeviceId='.$_GET['DeviceId']; + } + elseif ($egw_path) + { + list(,$action) = explode($egw_path,$action,2); + } + } + $this->set_action($action); + // update dla in access-log table, if we have an access-log row (non-anonymous session) if ($this->sessionid_access_log && $update_access_log && // ignore updates (session creation is written) of *dav, avatar and thumbnail, due to possible high volume of updates diff --git a/json.php b/json.php index 1b8407369d..eea1785473 100644 --- a/json.php +++ b/json.php @@ -104,7 +104,7 @@ try { 'no_exception_handler' => true, // we already installed our own // only log ajax requests which represent former GET requests or submits // cuts down updates to egw_access_log table - 'no_dla_update' => !preg_match('/(Etemplate::ajax_process_content|\.jdots_framework\.ajax_exec\.template)$/', $_GET['menuaction']), + 'no_dla_update' => !preg_match('/(Etemplate::ajax_process_content|\.jdots_framework\.ajax_exec\.template)/', $_GET['menuaction']), ) ); include_once('./header.inc.php');