cleanup

SebSept · SebSept · commit 197c4e87f248 · 2026-04-29T16:54:52.000+02:00
diff --git a/src/Glpi/Controller/Security/ReAuthController.php b/src/Glpi/Controller/Security/ReAuthController.php
@@ -89,6 +89,7 @@ public function verify(Request $request): Response
         if ($this->reAuthManager->verify((string) $user_input)) {
             $this->reAuthManager->authenticate();
 
+            // catched in RedirectPostExceptionListener
             throw new ReauthRedirectException(
                 $this->reAuthManager->getRedirectURL(),
                 $this->reAuthManager->getRedirectData(),
diff --git a/src/Glpi/Kernel/Listener/ExceptionListener/RedirectPostExceptionListener.php b/src/Glpi/Kernel/Listener/ExceptionListener/RedirectPostExceptionListener.php
@@ -61,16 +61,12 @@ public function onKernelException(ExceptionEvent $event): void
             return;
         }
 
-        // The original CSRF token was already consumed during the initial request validation.
-        // Remove it so the Twig template can inject a fresh one via {{ csrf_token() }}.
-        $post_data = $throwable->getData();
-        unset($post_data['_glpi_csrf_token']);
-
         // Carry the original URL as a POST field so that Html::getRefererUrl() can return
         // the correct "back" URL on the replayed request.
         // Without this, the browser would send Referer: /ReAuth/Verify (the page that served
         // this auto-submit form), causing Html::back() to redirect to the wrong place.
-        $post_data['_glpi_http_referer'] = $throwable->getUrl();
+        $post_data = $throwable->getData();
+        $post_data['_glpi_http_referer'] = $throwable->getUrl(); // @todo sert encore ?
 
         $response = new Response(
             TemplateRenderer::getInstance()->render('pages/redirect_post.html.twig', [
diff --git a/src/Html.php b/src/Html.php
@@ -2073,30 +2073,8 @@ public static function showMassiveActions($options = [])
                     );
                 }
             }
-        }
-        else
-        {
-//            @todo revert
-            // Reauth is needed : "Actions" button will trigger redirection to ReAuth/Prompt page instead of opening massive action modal
-//            if($p['reauth_needed'] === true) {
-//                $out = '<a role="button" class="'. htmlescape($p['action_button_classes']) . '" href="/ReAuth/Prompt" >Reauth</a>';
-//                // normalement : passer par reauthManager::redirect()
-//                // @todo i18n
-//                // @todo laisser le même libélé pour ne pas perturber les utilisateurs
-//                // @todo manque le ~glpi_rootdoc
-//                //         path: "/ReAuth/Prompt",
-//                //        name: "reauth_prompt",
-//                if ($p['display']) {
-//                    echo $out;
-//                    return true; // @todo false ??
-//                } else {
-//                    return $out;
-//                }
-//            }
-
+        } else {
             // Create Modal window on top
-
-
             if (
                 $p['ontop']
                 || (isset($p['forcecreate']) && $p['forcecreate'])
diff --git a/src/MassiveAction.php b/src/MassiveAction.php
@@ -614,6 +614,7 @@ public static function getAllMassiveActions($item, $is_deleted = false, ?CommonD
             return false;
         }
 
+        /** @var CommonDBTM $item  */
         if (!is_null($checkitem)) {
             $canupdate = $checkitem->canUpdate();
             $candelete = $checkitem->canDelete();
@@ -820,7 +821,7 @@ public function showSubForm()
      **/
     public function showDefaultSubForm()
     {
-        echo Html::submit(_x('button', 'Post 3'), [
+        echo Html::submit(_x('button', 'Post 3'), [ // @todo cleanup
             'name'  => 'massiveaction',
             'icon'  => 'ti ti-device-floppy',
             'class' => 'btn btn-sm btn-primary',
@@ -852,8 +853,7 @@ public static function showMassiveActionsSubForm(MassiveAction $ma)
                     'multiple' => true,
                 ]);
                 echo '<br>';
-                echo Html::submit(_x('button', 'Post'), [
-                echo Html::submit(_x('button', 'Post 4'), [
+                echo Html::submit(_x('button', 'Post 4'), [ // @todo cleanup
                     'name'  => 'massiveaction',
                 ]);
                 return true;
@@ -1174,7 +1174,7 @@ public static function showMassiveActionsSubForm(MassiveAction $ma)
                 if (isset($ma->POST['submitname']) && $ma->POST['submitname']) {
                     $submitname = $ma->POST['submitname'];
                 } else {
-                    $submitname = _x('button', 'Post 5');
+                    $submitname = _x('button', 'Post 5'); // @todo cleanup
                     $submit_options['icon'] = 'ti ti-device-floppy';
                 }
                 echo Html::submit($submitname, $submit_options);
@@ -1206,7 +1206,7 @@ public static function showMassiveActionsSubForm(MassiveAction $ma)
                 if (isset($ma->POST['submitname']) && $ma->POST['submitname']) {
                     $submitname = $ma->POST['submitname'];
                 } else {
-                    $submitname = _x('button', 'Post 6');
+                    $submitname = _x('button', 'Post 6'); // @todo cleanup
                     $submit_options['icon'] = 'ti ti-device-floppy';
                 }
                 echo Html::submit($submitname, $submit_options);
@@ -1232,7 +1232,7 @@ public static function showMassiveActionsSubForm(MassiveAction $ma)
                 if (isset($ma->POST['submitname']) && $ma->POST['submitname']) {
                     $submitname = $ma->POST['submitname'];
                 } else {
-                    $submitname = _x('button', 'Post 7');
+                    $submitname = _x('button', 'Post 7'); // @todo cleanup
                     $submit_options['icon'] = 'ti ti-device-floppy';
                 }
                 echo Html::submit($submitname, $submit_options);
diff --git a/src/Session.php b/src/Session.php
@@ -181,15 +181,15 @@ public static function init(Auth $auth)
 
         self::loadLanguage();
 
-                    if ($auth->password_expired) {
-                        // Make sure we are not in debug mode, as it could trigger some ajax request that would
-                        // fail the session check (as we use a special partial session here without profiles) and thus
-                        // destroy the session.
-                        $_SESSION["glpi_use_mode"] = self::NORMAL_MODE;
-                        $_SESSION['glpi_password_expired'] = 1;
-                        // Do not init profiles, as user has to update its password to be able to use GLPI
-                        return;
-                    }
+        if ($auth->password_expired) {
+            // Make sure we are not in debug mode, as it could trigger some ajax request that would
+            // fail the session check (as we use a special partial session here without profiles) and thus
+            // destroy the session.
+            $_SESSION["glpi_use_mode"] = self::NORMAL_MODE;
+            $_SESSION['glpi_password_expired'] = 1;
+            // Do not init profiles, as user has to update its password to be able to use GLPI
+            return;
+        }
 
         // glpiprofiles -> other available profile with link to the associated entities
         Plugin::doHook(Hooks::INIT_SESSION);
