author | osmiy <osmiy@97f52cf1-0a1b-0410-bd0e-c28be96e8082> | 2006-10-23 07:34:27 +0000 |
---|---|---|
committer | osmiy <osmiy@97f52cf1-0a1b-0410-bd0e-c28be96e8082> | 2006-10-23 07:34:27 +0000 |
commit | 28a09ed13e41ddbe5e30d63e92a1f5fb3395ef89 (patch) | |
tree | 8281ccd48964ee0dd11c5ea689091fa3cef706fb /frontends/php/actionconf.php | |
parent | 495799b2aa61aab23d74d7faa110a0cd09d59bf0 (diff) | |
- developed group permission system (Eugene)
git-svn-id: svn://svn.zabbix.com/trunk@3371 97f52cf1-0a1b-0410-bd0e-c28be96e8082
Diffstat (limited to 'frontends/php/actionconf.php')
-rw-r--r-- | frontends/php/actionconf.php | 103 |
1 files changed, 67 insertions, 36 deletions
diff --git a/frontends/php/actionconf.php b/frontends/php/actionconf.php index d28bcbd6..a83fb43c 100644 --- a/frontends/php/actionconf.php +++ b/frontends/php/actionconf.php @@ -19,24 +19,20 @@ **/ ?> <?php - include "include/config.inc.php"; - include "include/forms.inc.php"; - $page["title"]="S_CONFIGURATION_OF_ACTIONS"; - $page["file"]="actionconf.php"; - show_header($page["title"],0,0); - insert_confirm_javascript(); -?> + require_once "include/config.inc.php"; + require_once "include/actions.inc.php"; + require_once "include/hosts.inc.php"; + require_once "include/triggers.inc.php"; + require_once "include/forms.inc.php"; -<?php - if(!check_anyright("Configuration of Zabbix","U")) - { - show_table_header("<font color=\"AA0000\">".S_NO_PERMISSIONS."</font>"); - show_page_footer(); - exit; - } + $page["title"] = "S_CONFIGURATION_OF_ACTIONS"; + $page["file"] = "actionconf.php"; - $_REQUEST["actiontype"] = get_request("actiontype",get_profile("web.actionconf.actiontype",0)); +include_once "include/page_header.php"; + + insert_confirm_javascript(); + $_REQUEST["actiontype"] = get_request("actiontype",get_profile("web.actionconf.actiontype",0)); ?> <?php // VAR TYPE OPTIONAL FLAGS VALIDATION EXCEPTION @@ -88,13 +84,15 @@ ); check_fields($fields); + + if(isset($_REQUEST['actionid']) && !action_accessiable($_REQUEST['actionid'], PERM_READ_WRITE)) + { + access_deny(); + } ?> - <?php update_profile("web.actionconf.actiontype",$_REQUEST["actiontype"]); - update_profile("web.menu.config.last",$page["file"]); ?> - <?php if(isset($_REQUEST["save"])) { @@ -106,6 +104,7 @@ if(isset($_REQUEST["actionid"])) { + // TODO check permission by new value. $actionid=$_REQUEST["actionid"]; $result = update_action($actionid, $_REQUEST['actiontype'],$_REQUEST['userid'], 
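Review bot: `include_once "include/page_header.php";` in the `@@ -19,24 +19,20 @@` hunk takes over from the removed `check_anyright("Configuration of Zabbix","U")` gate, but `include_once` only emits a warning and keeps executing if the file cannot be loaded. Every other include in this hunk was switched to `require_once`, and this one should match: `require_once "include/page_header.php";`. Whether page_header.php performs the page-level permission check is not visible in this diff. Once that is confirmed, a one-line comment above the include stating that the file performs the access check would keep the dependency from being lost in a later refactor.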
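Review bot: The guard added in the `@@ -88,13 +84,15 @@` hunk protects the request only if `access_deny()` stops the script, because the save and delete handling follows it unconditionally; its definition is not part of this diff, so this needs confirming. The same applies to the brace-less `if(count(get_accessible_nodes_by_user(...))) access_deny();` in the `@@ -115,6 +114,9 @@` hunk, where `add_action()` is the very next statement. If `access_deny()` can return, follow each call with `exit;`. If it cannot, say so at the call site, e.g. `// access_deny() renders the error page and terminates the script`. The helper name `action_accessiable` is also misspelled, which is worth fixing before more callers depend on it.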
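Review bot: The `// TODO check permission by new value.` added in the `@@ -106,6 +104,7 @@` hunk means `update_action()` still runs with the submitted `userid` and the other new values without checking them against the caller's permissions; only the existing `actionid` is checked earlier. The comment should name what is unchecked so the gap can be tracked, e.g. `// TODO: verify the caller may assign the submitted userid/recipient before update_action()`. The enclosing `if(isset($_REQUEST["save"]))` block starts and ends outside this hunk.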
@@ -115,6 +114,9 @@ show_messages($result,S_ACTION_UPDATED,S_CANNOT_UPDATE_ACTION); } else { + if(count(get_accessible_nodes_by_user($USER_DETAILS,PERM_READ_WRITE,PERM_MODE_LT,PERM_RES_IDS_ARRAY,$ZBX_CURNODEID))) + access_deny(); + $actionid=add_action( $_REQUEST['actiontype'],$_REQUEST['userid'], $_REQUEST["subject"],$_REQUEST["message"],$_REQUEST["recipient"], 
@@ -180,38 +182,60 @@ elseif(isset($_REQUEST["group_enable"])&&isset($_REQUEST["g_actionid"])) { $result=DBselect("select distinct actionid from actions". - " where mod(actionid,100)=".$ZBX_CURNODEID); + " where ".DBid2nodeid("actionid")."=".$ZBX_CURNODEID. + " and actionid in (".implode($_REQUEST["g_actionid"]).") " + ); + + $actionids = array(); while($row=DBfetch($result)) { - if(!in_array($row["actionid"], $_REQUEST["g_actionid"])) continue; - $res=update_action_status($row["actionid"],0); + $res = update_action_status($row["actionid"],0); + if($res) + array_push($row["actionid"], $actionids); } if(isset($res)) + { show_messages(true, S_STATUS_UPDATED, S_CANNOT_UPDATE_STATUS); + add_audit(AUDIT_ACTION_UPDATE, AUDIT_RESOURCE_ACTION, ' Actions ['.implode(',',$actionids).'] enabled'); + } } elseif(isset($_REQUEST["group_disable"])&&isset($_REQUEST["g_actionid"])) { $result=DBselect("select distinct actionid from actions". - " where mod(actionid,100)=".$ZBX_CURNODEID); + " where ".DBid2nodeid("actionid")."=".$ZBX_CURNODEID. + " and actionid in (".implode($_REQUEST["g_actionid"]).") " + ); + $actionids = array(); while($row=DBfetch($result)) { - if(!in_array($row["actionid"], $_REQUEST["g_actionid"])) continue; - $res=update_action_status($row["actionid"],1); + $res = update_action_status($row["actionid"],1); + if($res) + array_push($row["actionid"], $actionids); } if(isset($res)) + { show_messages(true, S_STATUS_UPDATED, S_CANNOT_UPDATE_STATUS); + add_audit(AUDIT_ACTION_UPDATE, AUDIT_RESOURCE_ACTION, ' Actions ['.implode(',',$actionids).'] disabled'); + } } elseif(isset($_REQUEST["group_delete"])&&isset($_REQUEST["g_actionid"])) { $result=DBselect("select distinct actionid from actions". - " where mod(actionid,100)=".$ZBX_CURNODEID); + " where ".DBid2nodeid("actionid")."=".$ZBX_CURNODEID. 
+ " and actionid in (".implode($_REQUEST["g_actionid"]).") " + ); + $actionids = array(); while($row=DBfetch($result)) { - if(!in_array($row["actionid"], $_REQUEST["g_actionid"])) continue; $del_res = delete_action($row["actionid"]); + if($del_res) + array_push($actionids, $row["actionid"]); } if(isset($del_res)) + { show_messages(TRUE, S_ACTIONS_DELETED, S_CANNOT_DELETE_ACTIONS); + add_audit(AUDIT_ACTION_DELETE, AUDIT_RESOURCE_ACTION, ' Actions ['.implode(',',$actionids).'] deleted'); + } } ?> @@ -227,7 +251,7 @@ $form->AddItem(SPACE."|".SPACE); $form->AddItem(new CButton("form",S_CREATE_ACTION)); - show_header2(S_CONFIGURATION_OF_ACTIONS_BIG, $form); + show_table_header(S_CONFIGURATION_OF_ACTIONS_BIG, $form); echo BR; if(isset($_REQUEST["form"])) @@ -237,7 +261,7 @@ } else { - show_header2(S_ACTIONS_BIG); + show_table_header(S_ACTIONS_BIG); /* table */ $form = new CForm(); $form->SetName('actions'); @@ -254,17 +278,21 @@ S_STATUS)); $result=DBselect("select * from actions where actiontype=".$_REQUEST["actiontype"]. - " and mod(actionid,100)=".$ZBX_CURNODEID. + " and ".DBid2nodeid("actionid")."=".$ZBX_CURNODEID. " order by actiontype, source"); while($row=DBfetch($result)) { + if(!action_accessiable($row['actionid'], PERM_READ_WRITE)) continue; + $conditions=""; $result2=DBselect("select * from conditions where actionid=".$row["actionid"]. " order by conditiontype"); while($condition=DBfetch($result2)) { - $conditions=$conditions.get_condition_desc($condition["conditiontype"], - $condition["operator"],$condition["value"]).BR; + $conditions .= get_condition_desc( + $condition["conditiontype"], + $condition["operator"], + $condition["value"]).BR; } 
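Review bot: In the `@@ -180,38 +182,60 @@` hunk all three group queries build `actionid in (".implode($_REQUEST["g_actionid"]).")` with no separator, so ids 12 and 34 are sent as `1234`, and the request values go into the SQL text without an integer cast; whether `check_fields` already restricts `g_actionid` is not visible here. The enable and disable branches also call `array_push($row["actionid"], $actionids)` with the arguments swapped (the delete branch has the right order), so `$actionids` stays empty and the audit entry lists no ids. None of the three loops calls `action_accessiable()`, so the per-action check added earlier for `actionid` does not cover `g_actionid`. The fence shows the enable branch with these points addressed; the disable and delete branches need the same change.

```php
	elseif(isset($_REQUEST["group_enable"])&&isset($_REQUEST["g_actionid"]))
	{
		// Integer-cast the submitted ids so request data never reaches the SQL text verbatim.
		$g_actionids = array_map('intval', (array)$_REQUEST["g_actionid"]);
		// … unchanged: DBselect(...) up to the node filter …
			" and actionid in (".implode(',',$g_actionids).") "
		// … unchanged: closing of DBselect, $actionids = array(), while header …
			// Apply the same per-action permission check used for single-action requests.
			if(!action_accessiable($row["actionid"], PERM_READ_WRITE)) continue;
			// … unchanged: $res = update_action_status(...) …
			if($res)
				array_push($actionids, $row["actionid"]);
		// … unchanged: show_messages / add_audit block …
```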
@@ -272,13 +300,13 @@ { if($row["recipient"] == RECIPIENT_TYPE_USER) { - $user=get_user_by_userid($row["userid"]); - $recipient=$user["alias"]; + $user = get_user_by_userid($row["userid"]); + $recipient = $user["alias"]; } else { - $groupd=get_usergroup_by_groupid($row["userid"]); - $recipient=$groupd["name"]; + $groupd = get_group_by_usrgrpid($row["userid"]); + $recipient = $groupd["name"]; } $subject = htmlspecialchars($row["subject"]); }elseif($_REQUEST["actiontype"] == ACTION_TYPE_COMMAND) @@ -333,6 +361,9 @@ $form->AddItem($tblActions); $form->Show(); } +?> +<?php + + include_once "include/page_footer.php"; - show_page_footer(); ?> |