[IM] Add option to set behaviour of reseller aggregate graphs

[listerr]

This update adds a new config option GRAPHER_BACKEND_MRTG_RESELLER_AGGREGATE Which has the following options:

• include= Always include reseller uplink ports in member aggregate graphs (default)

  • Set this if resellers always have separate physical peering/uplink ports.

• exclude = Always exclude reseller uplink ports from member aggregate graphs.

• ppp = Only include peering/reseller uplink ports having a crossconnect.

  • All other other port types are included except 'fanout'.

  • Set this if you have patch panel records, and resellers:

    • Can have only reseller uplink ports (no peering ports), or;
    • Have their own peering VLAN via the same physical interface as the reseller uplink port, or;
    • Have their own peering VLAN via a subinterface of reseller uplink port.
    • Other 'software' interfaces or VLAN translation is used for reseller peering ports., and you want to avoid double-counting.

  In this case, for resellers, reseller|peering ports which do not have an associated patch panel port are not added to the member aggregate graphs. This solves the problem where reseller ports are double counted on the aggregate graphs for the member.

This only affects the individual aggregate graphs for resellers. Reseller/Fanout ports are always excluded from overall aggregate graphs. (as before).

In addition to the above, I have:

• ensured all relevant template output is escaped to avoid XSS attached with <?= $t->ee( $data ) ?> or equivalent.
• ensured appropriate checks against user privilege / resources accessed
• API calls (particular for add/edit/delete/toggle) are not implemented with GET and use CSRF tokens to avoid CSRF attacks