AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add bulk Fav / unfav creds and added fav creds to the client overview page

This commit is contained in:
johnnyq 2026-02-07 18:42:53 -05:00
parent 2ca8112daf
commit d1eeba67fc
3 changed files with 159 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
agent/client_overview.php
View File

@ -32,6 +32,15 @@ $sql_favorite_assets = mysqli_query(
ORDER BY asset_type ASC, asset_name ASC"
);
$sql_favorite_credentials = mysqli_query(
$mysqli,
"SELECT * FROM credentials
WHERE credential_client_id = $client_id
AND credential_favorite = 1
AND credential_archived_at IS NULL
ORDER BY credential_name ASC"
);
$sql_recent_tickets = mysqli_query(
$mysqli,
"SELECT * FROM tickets
@ -338,6 +347,70 @@ $sql_asset_retired = mysqli_query(
<?php } ?>
<?php if (mysqli_num_rows($sql_favorite_credentials) > 0) { ?>
<div class="col-md-4">
<div class="card card-dark mb-3">
<div class="card-header">
<h5 class="card-title"><i class="fas fa-fw fa-star mr-2"></i>Favorite Credentials</h5>
</div>
<div class="card-body p-2">
<table class="table table-borderless table-sm">
<?php
while ($row = mysqli_fetch_assoc($sql_favorite_credentials)) {
$credential_id = intval($row['credential_id']);
$credential_name = nullable_htmlentities($row['credential_name']);
$credential_description = nullable_htmlentities($row['credential_description']);
$credential_uri = sanitize_url($row['credential_uri']);
if (empty($credential_uri)) {
$credential_uri_display = "-";
} else {
$credential_uri_display = "<a href='$credential_uri'>" . truncate($credential_uri,40) . "</a><button class='btn btn-sm clipboardjs' type='button' title='$credential_uri' data-clipboard-text='$credential_uri'><i class='far fa-copy text-secondary'></i></button>";
}
$credential_uri_2 = sanitize_url($row['credential_uri_2']);
$credential_username = nullable_htmlentities(decryptCredentialEntry($row['credential_username']));
if (empty($credential_username)) {
$credential_username_display = "-";
} else {
$credential_username_display = "$credential_username<button class='btn btn-sm clipboardjs' type='button' data-clipboard-text='$credential_username'><i class='far fa-copy text-secondary'></i></button>";
}
$credential_password = nullable_htmlentities(decryptCredentialEntry($row['credential_password']));
$credential_otp_secret = nullable_htmlentities($row['credential_otp_secret']);
$credential_id_with_secret = '"' . $row['credential_id'] . '","' . $row['credential_otp_secret'] . '"';
if (empty($credential_otp_secret)) {
$otp_display = "-";
} else {
$otp_display = "<span onmouseenter='showOTPViaCredentialID($credential_id)'><i class='far fa-clock'></i> <span id='otp_$credential_id'><i>Hover..</i></span></span>";
}
?>
<tr>
<td>
<a href="#" class="ajax-modal"
data-modal-url="modals/credential/credential_edit.php?id=<?= $credential_id ?>">
<i class="fas fa-fw fa-key text-muted mr-2"></i><?= $credential_name ?>
</a>
</td>
<td><?= $credential_username_display ?></td>
<td class="text-nowrap">
<button class="btn p-0" type="button" data-toggle="popover" data-trigger="focus" data-placement="top" data-content="<?php echo $credential_password; ?>"><i class="fas fa-2x fa-ellipsis-h text-secondary"></i><i class="fas fa-2x fa-ellipsis-h text-secondary"></i></button><button class="btn btn-sm clipboardjs" type="button" data-clipboard-text="<?php echo $credential_password; ?>"><i class="far fa-copy text-secondary"></i></button>
</td>
<td><?= $otp_display ?></td>
</tr>
<?php
}
?>
</table>
</div>
</div>
</div>
<?php } ?>
<?php if (mysqli_num_rows($sql_shared_items) > 0) { ?>
<div class="col-md-4">
@ -731,6 +804,9 @@ $sql_asset_retired = mysqli_query(
</div>
<!-- Include script to get TOTP code via the login ID -->
<script src="js/credential_show_otp_via_id.js"></script>
<script>
function updateClientNotes(client_id) {
var notes = document.getElementById("clientNotes").value;

11
agent/credentials.php
View File

@ -232,7 +232,17 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<i class="fas fa-fw fa-layer-group mr-2"></i>Bulk Action (<span id="selectedCount">0</span>)
</button>
<div class="dropdown-menu">
<button class="dropdown-item"
type="submit" form="bulkActions" name="bulk_favorite_credentials">
<i class="fas fa-fw fa-star text-warning mr-2"></i>Favorite
</button>
<div class="dropdown-divider"></div>
<button class="dropdown-item"
type="submit" form="bulkActions" name="bulk_unfavorite_credentials">
<i class="far fa-fw fa-star mr-2"></i>Unfavorite
</button>
<?php if ($archived) { ?>
<div class="dropdown-divider"></div>
<button class="dropdown-item text-info"
type="submit" form="bulkActions" name="bulk_unarchive_credentials">
<i class="fas fa-fw fa-redo mr-2"></i>Unarchive
@ -243,6 +253,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</button>
<?php } else { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item ajax-modal" href="#"
data-modal-url="modals/credential/credential_bulk_assign_tags.php"
data-bulk="true">

72
agent/post/credential.php
View File

@ -187,6 +187,78 @@ if (isset($_POST['bulk_assign_credential_tags'])) {
}
if (isset($_POST['bulk_favorite_credentials'])) {
validateCSRFToken($_POST['csrf_token']);
enforceUserPermission('module_support', 2);
if (isset($_POST['credential_ids'])) {
$count = count($_POST['credential_ids']);
foreach ($_POST['credential_ids'] as $credential_id) {
$credential_id = intval($credential_id);
// Get Asset Name and Client ID for logging and alert message
$sql = mysqli_query($mysqli,"SELECT credential_name, credential_client_id FROM credentials WHERE credential_id = $credential_id");
$row = mysqli_fetch_assoc($sql);
$credential_name = sanitizeInput($row['credential_name']);
$client_id = intval($row['credential_client_id']);
mysqli_query($mysqli,"UPDATE credentials SET credential_favorite = 1 WHERE credential_id = $credential_id");
logAction("Credential", "Edit", "$session_name marked credential $credential_name a favorite", $client_id, $credential_id);
}
logAction("Credential", "Bulk Edit", "$session_name favorited $count credentials", $client_id);
flash_alert("Favorited <strong>$count</strong> credential(s)");
}
redirect();
}
if (isset($_POST['bulk_unfavorite_credentials'])) {
validateCSRFToken($_POST['csrf_token']);
enforceUserPermission('module_support', 2);
if (isset($_POST['credential_ids'])) {
$count = count($_POST['credential_ids']);
foreach ($_POST['credential_ids'] as $credential_id) {
$credential_id = intval($credential_id);
// Get Asset Name and Client ID for logging and alert message
$sql = mysqli_query($mysqli,"SELECT credential_name, credential_client_id FROM credentials WHERE credential_id = $credential_id");
$row = mysqli_fetch_assoc($sql);
$credential_name = sanitizeInput($row['credential_name']);
$client_id = intval($row['credential_client_id']);
mysqli_query($mysqli,"UPDATE credentials SET credential_favorite = 0 WHERE credential_id = $credential_id");
logAction("Credential", "Edit", "$session_name unfavorited credential $credential_name", $client_id, $credential_id);
}
logAction("Crednetial", "Bulk Edit", "$session_name unfavorited $count credentials", $client_id);
flash_alert("Unfavorited <strong>$count</strong> credential(s)");
}
redirect();
}
if (isset($_POST['bulk_archive_credentials'])) {
validateCSRFToken($_POST['csrf_token']);