Merge pull request #1321 from jokob-sk/main

sync

.github/workflows/docker_dev.yml

@@ -47,12 +47,6 @@ jobs:
         id: get_version
         run: echo "version=Dev" >> $GITHUB_OUTPUT
 
-      # --- debug output
-      - name: Debug version
-        run: |
-          echo "GITHUB_REF: $GITHUB_REF"
-          echo "Version: '${{ steps.get_version.outputs.version }}'"
-
       # --- Write the timestamped version to .VERSION file
       - name: Create .VERSION file
         run: echo "${{ steps.timestamp.outputs.version }}" > .VERSION

.github/workflows/docker_prod.yml

@@ -49,17 +49,9 @@ jobs:
         id: get_version
         run: echo "version=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
 
-
-      # --- debug output
-      - name: Debug version
-        run: |
-          echo "GITHUB_REF: $GITHUB_REF"
-          echo "Version: '${{ steps.get_version.outputs.version }}'"
-          echo "Version prev: '${{ steps.get_version_prev.outputs.version }}'"
-
       # --- Write version to .VERSION file
       - name: Create .VERSION file
-        run: echo -n "${{ steps.get_version.outputs.version }}" > .VERSION
+        run: echo "${{ steps.get_version.outputs.version }}" > .VERSION
 
       # --- Generate Docker metadata and tags
       - name: Docker meta

docs/MIGRATION.md

@@ -239,7 +239,29 @@ services:
 
 4. Start the container and verify everything works as expected.
 5. Stop the container.
-6. Update the `docker-compose.yml` as per example below.
+6. Perform a one-off migration to the latest `netalertx` image and `20211` user:
+
+> [!NOTE]
+> The example below assumes your `/config` and `/db` folders are stored in `local_data_dir`.
+> Replace this path with your actual configuration directory. `netalertx` is the container name, which might differ from your setup.
+
+```sh
+docker run -it --rm --name netalertx --user "0" \
+  -v /local_data_dir/config:/data/config \
+  -v /local_data_dir/db:/data/db \
+  --tmpfs /tmp:uid=20211,gid=20211,mode=1700 \
+  ghcr.io/jokob-sk/netalertx:latest
+```
+
+...or alternatively execute:
+
+```bash
+sudo chown -R 20211:20211 /local_data_dir
+sudo chmod -R a+rwx /local_data_dir
+```
+
+7. Stop the container
+8. Update the `docker-compose.yml` as per example below.
 
 ```yaml
 services:
@@ -266,33 +288,5 @@ services:
       - "/tmp:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
     # 🆕 New "tmpfs" section END  🔼
 ```
-7. Perform a one-off migration to the latest `netalertx` image and `20211` user.
 
-> [!NOTE]
-> The examples below assumes your `/config` and `/db` folders are stored in `local_data_dir`.
-> Replace this path with your actual configuration directory. `netalertx` is the container name, which might differ from your setup.
-
-**Automated approach**:
-
-Run the container with the `--user "0"` parameter. Please note, some systems will require the manual approach below.
-
-```sh
-docker run -it --rm --name netalertx --user "0" \
-  -v /local_data_dir/config:/data/config \
-  -v /local_data_dir/db:/data/db \
-  --tmpfs /tmp:uid=20211,gid=20211,mode=1700 \
-  ghcr.io/jokob-sk/netalertx:latest
-```
-
-Stop the container and run it as you would normally.
-
-**Manual approach**:
-
-Use the manual approach if the Automated approach fails. Execute the below commands:
-
-```bash
-sudo chown -R 20211:20211 /local_data_dir
-sudo chmod -R a+rwx /local_data_dir
-```
-
-8. Start the container and verify everything works as expected.
+9. Start the container and verify everything works as expected.

front/js/common.js

@@ -389,18 +389,12 @@ function localizeTimestamp(input) {
     }).format(new Date(ms));
   }
 
- // 2. European DD/MM/YYYY
-  let match = input.match(/^(\d{1,2})\/(\d{1,2})\/(\d{4})(?:[ ,]+(\d{1,2}:\d{2}(?::\d{2})?))?$/);
+  // 2. European DD/MM/YYYY
+  let match = input.match(/^(\d{1,2})\/(\d{1,2})\/(\d{4})(?:[ ,]+(\d{1,2}:\d{2}(?::\d{2})?))?(.*)$/);
   if (match) {
     let [, d, m, y, t = "00:00:00", tzPart = ""] = match;
-    const dNum = parseInt(d, 10);
-    const mNum = parseInt(m, 10);
-
-    if (dNum <= 12 && mNum > 12) {
-    } else {
-      const iso = `${y}-${m.padStart(2,'0')}-${d.padStart(2,'0')}T${t.length===5 ? t + ":00" : t}${tzPart}`;
-      return formatSafe(iso, tz);
-    }
+    const iso = `${y}-${m.padStart(2,'0')}-${d.padStart(2,'0')}T${t.length===5?t+":00":t}${tzPart}`;
+    return formatSafe(iso, tz);
   }
 
   // 3. US MM/DD/YYYY

front/php/templates/language/fr_fr.json

@@ -311,7 +311,7 @@
     "Gen_Filter": "Filtrer",
     "Gen_Generate": "Générer",
     "Gen_InvalidMac": "Adresse MAC invalide.",
-    "Gen_Invalid_Value": "Une valeur invalide a été renseignée",
+    "Gen_Invalid_Value": "",
     "Gen_LockedDB": "Erreur - La base de données est peut-être verrouillée - Vérifier avec les outils de dév via F12 -> Console ou essayer plus tard.",
     "Gen_NetworkMask": "Masque réseau",
     "Gen_Offline": "Hors ligne",
@@ -762,4 +762,4 @@
     "settings_system_label": "Système",
     "settings_update_item_warning": "Mettre à jour la valeur ci-dessous. Veillez à bien suivre le même format qu'auparavant. <b>Il n'y a pas de pas de contrôle.</b>",
     "test_event_tooltip": "Enregistrer d'abord vos modifications avant de tester vôtre paramétrage."
-}
+}

front/php/templates/language/ru_ru.json

@@ -311,7 +311,7 @@
     "Gen_Filter": "Фильтр",
     "Gen_Generate": "Генерировать",
     "Gen_InvalidMac": "Неверный Mac-адрес.",
-    "Gen_Invalid_Value": "Введено некорректное значение",
+    "Gen_Invalid_Value": "",
     "Gen_LockedDB": "ОШИБКА - Возможно, база данных заблокирована. Проверьте инструменты разработчика F12 -> Консоль или повторите попытку позже.",
     "Gen_NetworkMask": "Маска сети",
     "Gen_Offline": "Оффлайн",
@@ -762,4 +762,4 @@
     "settings_system_label": "Система",
     "settings_update_item_warning": "Обновить значение ниже. Будьте осторожны, следуя предыдущему формату. <b>Проверка не выполняется.</b>",
     "test_event_tooltip": "Сначала сохраните изменения, прежде чем проверять настройки."
-}
+}

front/php/templates/language/uk_ua.json

@@ -311,7 +311,7 @@
     "Gen_Filter": "Фільтр",
     "Gen_Generate": "Генерувати",
     "Gen_InvalidMac": "Недійсна Mac-адреса.",
-    "Gen_Invalid_Value": "Введено недійсне значення",
+    "Gen_Invalid_Value": "",
     "Gen_LockedDB": "ПОМИЛКА – БД може бути заблоковано – перевірте F12 Інструменти розробника -> Консоль або спробуйте пізніше.",
     "Gen_NetworkMask": "Маска мережі",
     "Gen_Offline": "Офлайн",
@@ -762,4 +762,4 @@
     "settings_system_label": "Система",
     "settings_update_item_warning": "Оновіть значення нижче. Слідкуйте за попереднім форматом. <b>Перевірка не виконана.</b>",
     "test_event_tooltip": "Перш ніж перевіряти налаштування, збережіть зміни."
-}
+}

front/plugins/snmp_discovery/README.md

@@ -6,7 +6,7 @@ A plugin for importing devices from an SNMP-enabled router or switch. Using SNMP
 
 Specify the following settings in the Settings section of NetAlertX:
 
-- `SNMPDSC_routers` - A list of `snmpwalk` commands to execute against IP addresses of routers/switches with SNMP turned on. For example:
+- `SNMPDSC_routers` - A list of `snmpwalk` commands to execute against IP addresses of routers/switches with SNMP turned on. For example: 
 
   - `snmpwalk -v 2c -c public -OXsq 192.168.1.1 .1.3.6.1.2.1.3.1.1.2`
   - `snmpwalk -v 2c -c public -Oxsq 192.168.1.1 .1.3.6.1.2.1.3.1.1.2` (note: lower case `x`)
@@ -14,14 +14,6 @@ Specify the following settings in the Settings section of NetAlertX:
 
 If unsure, please check [snmpwalk examples](https://www.comparitech.com/net-admin/snmpwalk-examples-windows-linux/).
 
-Supported output formats:
-
-```
-ipNetToMediaPhysAddress[3][192.168.1.9] 6C:6C:6C:6C:6C:b6C1
-IP-MIB::ipNetToMediaPhysAddress.17.10.10.3.202 = STRING: f8:81:1a:ef:ef:ef
-mib-2.3.1.1.2.15.1.192.168.1.14 "2C F4 32 18 61 43 "
-```
-
 ### Setup Cisco IOS
 
 Enable IOS SNMP service and restrict to selected (internal) IP/Subnet.

front/plugins/snmp_discovery/script.py

@@ -30,7 +30,7 @@ RESULT_FILE = os.path.join(LOG_PATH, f'last_result.{pluginName}.log')
 
 
 def main():
-    mylog('verbose', f"[{pluginName}] In script ")
+    mylog('verbose', ['[SNMPDSC] In script '])
 
     # init global variables
     global snmpWalkCmds
@@ -57,7 +57,7 @@ def main():
             commands = [snmpWalkCmds]
 
         for cmd in commands:
-            mylog('verbose', [f"[{pluginName}] Router snmpwalk command: ", cmd])
+            mylog('verbose', ['[SNMPDSC] Router snmpwalk command: ', cmd])
             # split the string, remove white spaces around each item, and exclude any empty strings
             snmpwalkArgs = [arg.strip() for arg in cmd.split(' ') if arg.strip()]
 
@@ -72,7 +72,7 @@ def main():
                     timeout=(timeoutSetting)
                 )
 
-                mylog('verbose', [f"[{pluginName}] output: ", output])
+                mylog('verbose', ['[SNMPDSC] output: ', output])
 
                 lines = output.split('\n')
 
@@ -80,8 +80,6 @@ def main():
 
                     tmpSplt = line.split('"')
 
-                    # Expected Format:
-                    # mib-2.3.1.1.2.15.1.192.168.1.14 "2C F4 32 18 61 43 "
                     if len(tmpSplt) == 3:
 
                         ipStr = tmpSplt[0].split('.')[-4:]  # Get the last 4 elements to extract the IP
@@ -91,7 +89,7 @@ def main():
                             macAddress = ':'.join(macStr)
                             ipAddress = '.'.join(ipStr)
 
-                            mylog('verbose', [f"[{pluginName}] IP: {ipAddress} MAC: {macAddress}"])
+                            mylog('verbose', [f'[SNMPDSC] IP: {ipAddress} MAC: {macAddress}'])
 
                             plugin_objects.add_object(
                                 primaryId   = handleEmpty(macAddress),
@@ -102,40 +100,8 @@ def main():
                                 foreignKey  = handleEmpty(macAddress)  # Use the primary ID as the foreign key
                             )
                         else:
-                            mylog('verbose', [f"[{pluginName}] ipStr does not seem to contain a valid IP:", ipStr])
+                            mylog('verbose', ['[SNMPDSC] ipStr does not seem to contain a valid IP:', ipStr])
 
-                    # Expected Format:
-                    # IP-MIB::ipNetToMediaPhysAddress.17.10.10.3.202 = STRING: f8:81:1a:ef:ef:ef
-                    elif "ipNetToMediaPhysAddress" in line and "=" in line and "STRING:" in line:
-
-                        # Split on "=" → ["IP-MIB::ipNetToMediaPhysAddress.xxx.xxx.xxx.xxx ", " STRING: aa:bb:cc:dd:ee:ff"]
-                        left, right = line.split("=", 1)
-
-                        # Extract the MAC (right side)
-                        macAddress = right.split("STRING:")[-1].strip()
-                        macAddress = normalize_mac(macAddress)
-
-                        # Extract IP address from the left side
-                        # tail of the OID: last 4 integers = IPv4 address
-                        oid_parts = left.strip().split('.')
-                        ip_parts  = oid_parts[-4:]
-                        ipAddress = ".".join(ip_parts)
-
-                        mylog('verbose', [f"[{pluginName}] (fallback) IP: {ipAddress} MAC: {macAddress}"])
-
-                        plugin_objects.add_object(
-                            primaryId   = handleEmpty(macAddress),
-                            secondaryId = handleEmpty(ipAddress),
-                            watched1    = '(unknown)',
-                            watched2    = handleEmpty(snmpwalkArgs[6]),
-                            extra       = handleEmpty(line),
-                            foreignKey  = handleEmpty(macAddress)
-                        )
-
-                        continue
-
-                    # Expected Format:
-                    # ipNetToMediaPhysAddress[3][192.168.1.9] 6C:6C:6C:6C:6C:b6C1
                     elif line.startswith('ipNetToMediaPhysAddress'):
                         # Format: snmpwalk -OXsq output
                         parts = line.split()
@@ -144,7 +110,7 @@ def main():
                             ipAddress  = parts[0].split('[')[-1][:-1]
                             macAddress = normalize_mac(parts[1])
 
-                            mylog('verbose', [f"[{pluginName}] IP: {ipAddress} MAC: {macAddress}"])
+                            mylog('verbose', [f'[SNMPDSC] IP: {ipAddress} MAC: {macAddress}'])
 
                             plugin_objects.add_object(
                                 primaryId   = handleEmpty(macAddress),
@@ -155,7 +121,7 @@ def main():
                                 foreignKey  = handleEmpty(macAddress)
                             )
 
-    mylog('verbose', [f"[{pluginName}] Entries found: ", len(plugin_objects)])
+    mylog('verbose', ['[SNMPDSC] Entries found: ', len(plugin_objects)])
 
     plugin_objects.write_result_file()
 

server/api_server/api_server_start.py

@@ -87,8 +87,7 @@ CORS(
         r"/dbquery/*": {"origins": "*"},
         r"/messaging/*": {"origins": "*"},
         r"/events/*": {"origins": "*"},
-        r"/logs/*": {"origins": "*"},
-        r"/auth/*": {"origins": "*"}
+        r"/logs/*": {"origins": "*"}
     },
     supports_credentials=True,
     allow_headers=["Authorization", "Content-Type"],
@@ -745,23 +744,6 @@ def sync_endpoint():
         return jsonify({"success": False, "message": "ERROR: No allowed", "error": "Method Not Allowed"}), 405
 
 
-# --------------------------
-# Auth endpoint
-# --------------------------
-@app.route("/auth", methods=["GET"])
-def check_auth():
-    if not is_authorized():
-        return jsonify({"success": False, "message": "ERROR: Not authorized", "error": "Forbidden"}), 403
-
-    elif request.method == "GET":
-        return jsonify({"success": True, "message": "Authentication check successful"}), 200
-    else:
-        msg = "[sync endpoint] Method Not Allowed"
-        write_notification(msg, "alert")
-        mylog("verbose", [msg])
-        return jsonify({"success": False, "message": "ERROR: No allowed", "error": "Method Not Allowed"}), 405
-
-
 # --------------------------
 # Background Server Start
 # --------------------------

test/api_endpoints/test_auth_endpoints.py

@@ -1,66 +0,0 @@
-# tests/test_auth.py
-
-import sys
-import os
-import pytest
-
-# Register NetAlertX directories
-INSTALL_PATH = os.getenv("NETALERTX_APP", "/app")
-sys.path.extend([f"{INSTALL_PATH}/front/plugins", f"{INSTALL_PATH}/server"])
-
-from helper import get_setting_value  # noqa: E402
-from api_server.api_server_start import app  # noqa: E402
-
-
-@pytest.fixture(scope="session")
-def api_token():
-    """Load API token from system settings (same as other tests)."""
-    return get_setting_value("API_TOKEN")
-
-
-@pytest.fixture
-def client():
-    """Flask test client."""
-    with app.test_client() as client:
-        yield client
-
-
-def auth_headers(token):
-    return {"Authorization": f"Bearer {token}"}
-
-
-# -------------------------
-# AUTH ENDPOINT TESTS
-# -------------------------
-
-def test_auth_ok(client, api_token):
-    """Valid token should allow access."""
-    resp = client.get("/auth", headers=auth_headers(api_token))
-    assert resp.status_code == 200
-
-    data = resp.get_json()
-    assert data is not None
-    assert data.get("success") is True
-    assert "successful" in data.get("message", "").lower()
-
-
-def test_auth_missing_token(client):
-    """Missing token should be forbidden."""
-    resp = client.get("/auth")
-    assert resp.status_code == 403
-
-    data = resp.get_json()
-    assert data is not None
-    assert data.get("success") is False
-    assert "not authorized" in data.get("message", "").lower()
-
-
-def test_auth_invalid_token(client):
-    """Invalid bearer token should be forbidden."""
-    resp = client.get("/auth", headers=auth_headers("INVALID-TOKEN"))
-    assert resp.status_code == 403
-
-    data = resp.get_json()
-    assert data is not None
-    assert data.get("success") is False
-    assert "not authorized" in data.get("message", "").lower()