diff options
author | artem <artem@97f52cf1-0a1b-0410-bd0e-c28be96e8082> | 2008-04-07 13:14:00 +0000 |
---|---|---|
committer | artem <artem@97f52cf1-0a1b-0410-bd0e-c28be96e8082> | 2008-04-07 13:14:00 +0000 |
commit | d1f0507236793e1d4b28eb213b17432cef9bdd99 (patch) | |
tree | d6c07129b66ba6acb0cac47fab9a6bf5452e7b86 /frontends/php/chart_sla.php | |
parent | 81c4d84a47e5d82758d45a83cd0b4b9cb35c7ea8 (diff) | |
download | zabbix-d1f0507236793e1d4b28eb213b17432cef9bdd99.tar.gz zabbix-d1f0507236793e1d4b28eb213b17432cef9bdd99.tar.xz zabbix-d1f0507236793e1d4b28eb213b17432cef9bdd99.zip |
- [DEV-137] improvements in permissions checks (Artem)
- [DEV-137] fixed issue "viewing items, hosts without group in latest data" (Artem)
git-svn-id: svn://svn.zabbix.com/trunk@5595 97f52cf1-0a1b-0410-bd0e-c28be96e8082
Diffstat (limited to 'frontends/php/chart_sla.php')
-rw-r--r-- | frontends/php/chart_sla.php | 21 |
1 files changed, 9 insertions, 12 deletions
diff --git a/frontends/php/chart_sla.php b/frontends/php/chart_sla.php index 5759bbeb..1fe9f888 100644 --- a/frontends/php/chart_sla.php +++ b/frontends/php/chart_sla.php @@ -38,22 +38,19 @@ include_once "include/page_header.php"; check_fields($fields); ?> <?php - if(! (DBfetch(DBselect('select serviceid from services where serviceid='.$_REQUEST["serviceid"]))) ) - { + if(!DBfetch(DBselect('select serviceid from services where serviceid='.$_REQUEST["serviceid"])) ){ fatal_error(S_NO_IT_SERVICE_DEFINED); } - $denyed_hosts = get_accessible_hosts_by_user($USER_DETAILS,PERM_READ_ONLY,PERM_MODE_LT); + $available_triggers = get_accessible_triggers(PERM_READ_ONLY, null, get_current_nodeid()); - if( !($service = DBfetch(DBselect('SELECT s.* '. - ' FROM services s '. - ' LEFT JOIN triggers t ON s.triggerid=t.triggerid '. - ' LEFT JOIN functions f ON t.triggerid=f.triggerid '. - ' LEFT JOIN items i ON f.itemid=i.itemid '. - ' WHERE (i.hostid is NULL or i.hostid not in ('.$denyed_hosts.')) '. - ' AND s.serviceid='.$_REQUEST['serviceid'] - )))) - { + $sql = 'SELECT s.* '. + ' FROM services s '. + ' WHERE s.serviceid='.$_REQUEST['serviceid']. + ' AND (s.triggerid IS NULL OR s.triggerid in ('.$available_triggers.')) '. + ' AND DBin_node('s.serviceid')'; + + if(!$service = DBfetch(DBselect($sql))){ access_deny(); } ?> |