M-Falken commented 1 year ago

Code of Conduct

[X] I agree to follow this project's Code of Conduct

Is there an existing issue for this?

[X] I have searched the existing issues

Version

10.0.7

Bug description

Hi We do not have anymore planned tasks when we export as webcal or ical. Only external events are display It works ok on a v10.0.6

Thanks

Relevant log output

Nothing special in the log

Page URL

webcal://example.com:443/front/planning.php?genical=1&uID=7982&gID=0&entities_id=0&is_recursive=1&token=**

Steps To reproduce

access a planing with planned tasks for a tech.
click on three dots menu on the right of the technician name.
export as webcal or ics in an agenda.
only external events are present.

Your GLPI setup information

Informations sur le système, l'installation et la configuration

GLPI 10.0.7 ( => /home/public_html/glpi)
Installation mode: TARBALL
Current language:fr_FR

Server

 
Operating system: Linux **** 3.10.0-1160.88.1.el7.x86_64 #1 SMP Tue Mar 7 15:41:52 UTC 2023 x86_64
PHP 8.1.18 litespeed (Core, PDO, Phar, Reflection, SPL, SimpleXML, Zend OPcache, apcu, bcmath, bz2, calendar, ctype, curl, date,
    dom, exif, fileinfo, filter, ftp, gd, gettext, gmp, hash, iconv, imagick, imap, intl, json, ldap, libxml, litespeed, mbstring,
    memcached, mysqli, mysqlnd, openssl, pcntl, pcre, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, posix, readline, session, shmop,
    soap, sockets, sqlite3, standard, sysvmsg, sysvsem, sysvshm, timezonedb, tokenizer, xml, xmlreader, xmlwriter, xsl, zip, zlib)
Setup: max_execution_time="600" memory_limit="256M" post_max_size="16M" safe_mode="" session.save_handler="files"
    upload_max_filesize="16M" 
Software: LiteSpeed
    Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/113.0
Server Software: MariaDB Server
    Server Version: 10.3.38-MariaDB-log
    Server SQL Mode: ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
    Parameters: ****@localhost/******
    Host info: Localhost via UNIX socket

PHP version (8.1.18) is supported.
Sessions configuration is OK.
Allocated memory is sufficient.
mysqli extension is installed.
Following extensions are installed: dom, fileinfo, json, simplexml.
curl extension is installed.
gd extension is installed.
intl extension is installed.
libxml extension is installed.
zlib extension is installed.
The constant SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES is present.
Database engine version (10.3.38) is supported.
No files from previous GLPI version detected.
The log file has been created successfully.
Write access to /home/public_html/glpi/files/_cache has been validated.
Write access to /home/public_html/glpi/config has been validated.
Write access to /home/public_html/glpi/files/_cron has been validated.
Write access to /home/public_html/glpi/files has been validated.
Write access to /home/public_html/glpi/files/_dumps has been validated.
Write access to /home/public_html/glpi/files/_graphs has been validated.
Write access to /home/public_html/glpi/files/_lock has been validated.
Write access to /home/public_html/glpi/files/_pictures has been validated.
Write access to /home/public_html/glpi/files/_plugins has been validated.
Write access to /home/public_html/glpi/files/_rss has been validated.
Write access to /home/public_html/glpi/files/_sessions has been validated.
Write access to /home/public_html/glpi/files/_tmp has been validated.
Write access to /home/public_html/glpi/files/_uploads has been validated.
For security reasons, SELinux mode should be Enforcing.

Web server root directory configuration is not safe as it permits access to non-public files. See installation documentation for more details.
The following directories should be placed outside "/home/public_html/glpi/":
‣ "/home/public_html/glpi/files" ("GLPI_VAR_DIR")
‣ "/home/public_html/glpi/config" ("GLPI_CONFIG_DIR")
You can ignore this suggestion if your web server root directory is "/home/public_html/glpi/public".
Sessions configuration is secured.
OS and PHP are relying on 64 bits integers.
exif extension is installed.
ldap extension is installed.
openssl extension is installed.
Following extensions are installed: bz2, Phar, zip.
Zend OPcache extension is installed.
Following extensions are installed: ctype, iconv, mbstring.
Following extensions are not present: sodium.
Write access to /home/public_html/glpi/marketplace has been validated.
Timezones seems loaded in database.

GLPI constants

 
GLPI_ROOT: "/home/emaging/public_html/glpi"
GLPI_CONFIG_DIR: "/home/public_html/glpi/config"
GLPI_VAR_DIR: "/home/public_html/glpi/files"
GLPI_MARKETPLACE_DIR: "/home/public_html/glpi/marketplace"
GLPI_USE_CSRF_CHECK: "1"
GLPI_CSRF_EXPIRES: "7200"
GLPI_CSRF_MAX_TOKENS: "100"
GLPI_USE_IDOR_CHECK: "1"
GLPI_IDOR_EXPIRES: "7200"
GLPI_ALLOW_IFRAME_IN_RICH_TEXT: false
GLPI_SERVERSIDE_URL_ALLOWLIST: ["/^(https?|feed):\\/\\/[^@:]+(\\/.*)?$/"]
GLPI_TELEMETRY_URI: "https://telemetry.glpi-project.org"
GLPI_INSTALL_MODE: "TARBALL"
GLPI_NETWORK_MAIL: "glpi@teclib.com"
GLPI_NETWORK_SERVICES: "https://services.glpi-network.com"
GLPI_MARKETPLACE_ALLOW_OVERRIDE: true
GLPI_MARKETPLACE_MANUAL_DOWNLOADS: true
GLPI_USER_AGENT_EXTRA_COMMENTS: ""
GLPI_DISABLE_ONLY_FULL_GROUP_BY_SQL_MODE: "1"
GLPI_AJAX_DASHBOARD: "1"
GLPI_CALDAV_IMPORT_STATE: 0
GLPI_DEMO_MODE: "0"
GLPI_CENTRAL_WARNINGS: "1"
GLPI_DOC_DIR: "/home/public_html/glpi/files"
GLPI_CACHE_DIR: "/home/public_html/glpi/files/_cache"
GLPI_CRON_DIR: "/home/public_html/glpi/files/_cron"
GLPI_DUMP_DIR: "/home/public_html/glpi/files/_dumps"
GLPI_GRAPH_DIR: "/home/public_html/glpi/files/_graphs"
GLPI_LOCAL_I18N_DIR: "/home/public_html/glpi/files/_locales"
GLPI_LOCK_DIR: "/home/public_html/glpi/files/_lock"
GLPI_LOG_DIR: "/home/public_html/glpi/files/_log"
GLPI_PICTURE_DIR: "/home/public_html/glpi/files/_pictures"
GLPI_PLUGIN_DOC_DIR: "/home/public_html/glpi/files/_plugins"
GLPI_RSS_DIR: "/home/public_html/glpi/files/_rss"
GLPI_SESSION_DIR: "/home/public_html/glpi/files/_sessions"
GLPI_TMP_DIR: "/home/public_html/glpi/files/_tmp"
GLPI_UPLOAD_DIR: "/home/public_html/glpi/files/_uploads"
GLPI_INVENTORY_DIR: "/home/public_html/glpi/files/_inventories"
GLPI_NETWORK_REGISTRATION_API_URL: "https://services.glpi-network.com/api/registration/"
GLPI_MARKETPLACE_PLUGINS_API_URI: "https://services.glpi-network.com/api/glpi-plugins/"
GLPI_I18N_DIR: "/home/public_html/glpi/locales"
GLPI_VERSION: "10.0.7"
GLPI_SCHEMA_VERSION: "10.0.7"
GLPI_MARKETPLACE_PRERELEASES: false
GLPI_MIN_PHP: "7.4.0"
GLPI_MAX_PHP: "8.3.0"
GLPI_YEAR: "2023"

Libraries

 
htmlawed/htmlawed version 1.2.9 in (/home/public_html/glpi/vendor/htmlawed/htmlawed)
phpmailer/phpmailer version 6.8.0 in (/home/public_html/glpi/vendor/phpmailer/phpmailer/src)
simplepie/simplepie version 1.5.8 in (/home/public_html/glpi/vendor/simplepie/simplepie/library)
tecnickcom/tcpdf version 6.6.2 in (/home/public_html/glpi/vendor/tecnickcom/tcpdf)
michelf/php-markdown in (/home/public_html/glpi/vendor/michelf/php-markdown/Michelf)
true/punycode in (/home/public_html/glpi/vendor/true/punycode/src)
iamcal/lib_autolink in (/home/public_html/glpi/vendor/iamcal/lib_autolink)
sabre/dav in (/home/public_html/glpi/vendor/sabre/dav/lib/DAV)
sabre/http in (/home/public_html/glpi/vendor/sabre/http/lib)
sabre/uri in (/home/public_html/glpi/vendor/sabre/uri/lib)
sabre/vobject in (/home/public_html/glpi/vendor/sabre/vobject/lib)
laminas/laminas-i18n in (/home/public_html/glpi/vendor/laminas/laminas-i18n/src)
laminas/laminas-servicemanager in (/home/public_html/glpi/vendor/laminas/laminas-servicemanager/src)
monolog/monolog in (/home/public_html/glpi/vendor/monolog/monolog/src/Monolog)
sebastian/diff in (/home/public_html/glpi/vendor/sebastian/diff/src)
donatj/phpuseragentparser in (/home/public_html/glpi/vendor/donatj/phpuseragentparser/src/UserAgent)
elvanto/litemoji in (/home/public_html/glpi/vendor/elvanto/litemoji/src)
symfony/console in (/home/public_html/glpi/vendor/symfony/console)
scssphp/scssphp in (/home/public_html/glpi/vendor/scssphp/scssphp/src)
laminas/laminas-mail in (/home/public_html/glpi/vendor/laminas/laminas-mail/src/Protocol)
laminas/laminas-mime in (/home/public_html/glpi/vendor/laminas/laminas-mime/src)
rlanvin/php-rrule in (/home/public_html/glpi/vendor/rlanvin/php-rrule/src)
blueimp/jquery-file-upload in (/home/public_html/glpi/vendor/blueimp/jquery-file-upload/server/php)
ramsey/uuid in (/home/public_html/glpi/vendor/ramsey/uuid/src)
psr/log in (/home/public_html/glpi/vendor/psr/log/Psr/Log)
psr/simple-cache in (/home/public_html/glpi/vendor/psr/simple-cache/src)
psr/cache in (/home/public_html/glpi/vendor/psr/cache/src)
league/csv in (/home/public_html/glpi/vendor/league/csv/src)
mexitek/phpcolors in (/home/public_html/glpi/vendor/mexitek/phpcolors/src/Mexitek/PHPColors)
guzzlehttp/guzzle in (/home/public_html/glpi/vendor/guzzlehttp/guzzle/src)
guzzlehttp/psr7 in (/home/public_html/glpi/vendor/guzzlehttp/psr7/src)
glpi-project/inventory_format in (/home/public_html/glpi/vendor/glpi-project/inventory_format/lib/php)
wapmorgan/unified-archive in (/home/public_html/glpi/vendor/wapmorgan/unified-archive/src)
paragonie/sodium_compat in (/home/public_html/glpi/vendor/paragonie/sodium_compat/src)
symfony/cache in (/home/public_html/glpi/vendor/symfony/cache)
html2text/html2text in (/home/public_html/glpi/vendor/html2text/html2text/src)
symfony/css-selector in (/home/public_html/glpi/vendor/symfony/css-selector)
symfony/dom-crawler in (/home/public_html/glpi/vendor/symfony/dom-crawler)
twig/twig in (/home/public_html/glpi/vendor/twig/twig/src)
twig/string-extra in (/home/public_html/glpi/vendor/twig/string-extra)
symfony/polyfill-ctype not found
symfony/polyfill-iconv not found
symfony/polyfill-mbstring not found
symfony/polyfill-php80 not found
symfony/polyfill-php81 not found
symfony/polyfill-php82 in (/home/public_html/glpi/vendor/symfony/polyfill-php82)
league/oauth2-client in (/home/public_html/glpi/vendor/league/oauth2-client/src/Provider)
league/oauth2-google in (/home/public_html/glpi/vendor/league/oauth2-google/src/Provider)
thenetworg/oauth2-azure in (/home/public_html/glpi/vendor/thenetworg/oauth2-azure/src/Provider)

SQL replicas

 
Not active

Notifications

 
Way of sending emails: SMTP+TLS (******)

Plugins list

 
    fields               Name: Additional fields              Version: 1.20.5     State: Enabled                                 
        Install Method: Marketplace
    advancedplanning     Name: advancedplanning               Version: 1.1.0      State: Enabled                                 
        Install Method: Marketplace
    moreticket           Name: More ticket                    Version: 1.7.1      State: Enabled                                 
        Install Method: Marketplace
    os                   Name: Os                             Version: 0.1.2      State: Enabled                                 
        Install Method: Manual

Anything else?

No response

Gambware commented 1 year ago

We are having the same problem. When synchronizing through iCal, only external events are being synced. No planned tasks in the tickets are being synchronized through iCal.

cedric-anne commented 1 year ago

Hi,

I confirm the issue. This is due to this commit: c4075349e3eb0b98733fb5cc1c65460c5d83da4d

cedric-anne commented 1 year ago

14751 should fix this issue.

M-Falken commented 1 year ago

Hi, patch applied and tested with ical and webcal. sorry but same issue...only external events shown

M-Falken commented 1 year ago

It's not fixed, the bug still exists. despite to be super admin or by using a tech profile. When I remove the code from the latest patch involving the rights (including the old code that the patch replaces), everything works fine. To put it simply, if I use the file from 10.0.6 everything works fine. So something is still wrong in the last https://github.com/glpi-project/glpi/pull/14751/commits/d2c995dd99c7be9775b2a299e838fdf420f310b1

cedric-anne commented 1 year ago

It's not fixed, the bug still exists. despite to be super admin or by using a tech profile. When I remove the code from the latest patch involving the rights (including the old code that the patch replaces), everything works fine. To put it simply, if I use the file from 10.0.6 everything works fine. So something is still wrong in the last d2c995d

I just tried and I was able to get ticket tasks, project tasks, reminders, ...

M-Falken commented 1 year ago

Whether you are under the profile of a technician or not? And with a task within a ticket assigned to a sub-entity?

Zoddo commented 1 year ago

We just upgraded to 10.0.7 from GLPI 9.5 and we are having the same issue (exported plannings are empty). I tried to apply 422f73e, but it doesn't fix it for us either.

To prevent any doubts, I applied the patch this way (while being inside the GLPI's directory):

curl https://github.com/glpi-project/glpi/commit/422f73ea2e272260e68afd236f8ca09e8e17b5bf.patch | patch -p1

and then checked that the file was correctly patched.

However, if I comment out the whole "reset/clean rights" code, the exported planning work again as expected.

If this may help, all our tickets are created in sub-entities and all technicians have the "Technician" profile applied recursively on the root entity, and set as default in their user settings. We use exclusively ticket tasks.

Please let me know if there is anything I can provide to help debug the issue ;)

cedric-anne commented 1 year ago

@Zoddo

Please try with GLPI 10.0.8. It has been released a few minutes ago. If you can reproduce, I will reopen the issue.

Zoddo commented 1 year ago

@cedric-anne I just upgraded our test instance to 10.0.8, and I still reproduce the issue.

Zoddo commented 1 year ago

I quickly looked at this. For me, this issue is caused by removing all rights except READ, especially on ticket and task.

The read right on tickets give access only to tickets where the current user is either a requester or an observer.
For tasks, the read right give access only to public tasks (or private tasks created by the current user).

To correctly access tickets/tasks that should be accessible to the current user, the following additional rights should be retained :

For tickets: READALL, READGROUP, READASSIGN
For tasks: SEEPRIVATE
And the same thing for problems, etc.

Without this, only private tasks created by the current user in its own tickets will be accessible.

In fact, forcing READALL for tickets and SEEPRIVATE for tasks by adding the following code just after the rights-cleaning code "fix" the issue for me:

$_SESSION['glpiactiveprofile']['ticket'] = 1025;
$_SESSION['glpiactiveprofile']['task'] = 8193;

(⚠️ To anyone else coming across this comment, do not do that in any live instance, because it will bypass rights assigned to the user)

cedric-anne commented 1 year ago

Hi,

Sorry for the (really) late delay. #15157 should fix this.

Could you confirm that everything works as expected?

Zoddo commented 1 year ago

Hi, I confirm that #15157 fixes the issue for me. Thanks!

cedric-anne commented 1 year ago

Fixed by #15157

glpi-project / glpi

WebCal and iCAL export are almost empty since 10.0.7 #14711

Code of Conduct

Is there an existing issue for this?

Version

Bug description

Relevant log output

Page URL

Steps To reproduce

Your GLPI setup information

Anything else?

14751 should fix this issue.