diff options
| author | hugetoad <hugetoad@97f52cf1-0a1b-0410-bd0e-c28be96e8082> | 2003-11-09 10:32:18 +0000 |
|---|---|---|
| committer | hugetoad <hugetoad@97f52cf1-0a1b-0410-bd0e-c28be96e8082> | 2003-11-09 10:32:18 +0000 |
| commit | de372aa496c67a43fbcced4fac5848850f9082bd (patch) | |
| tree | 9f771d7fff7514ddb5a9da3c61f2ba24590e0bf7 /frontends/php | |
| parent | 9451ec4c19963e84114e29e35310b8a26ca3c4ed (diff) | |
| download | zabbix-de372aa496c67a43fbcced4fac5848850f9082bd.tar.gz zabbix-de372aa496c67a43fbcced4fac5848850f9082bd.tar.xz zabbix-de372aa496c67a43fbcced4fac5848850f9082bd.zip | |
- fixed permissions of PHP screens (Alexei)
git-svn-id: svn://svn.zabbix.com/trunk@1018 97f52cf1-0a1b-0410-bd0e-c28be96e8082
Diffstat (limited to 'frontends/php')
| -rw-r--r-- | frontends/php/config.php | 2 | ||||
| -rw-r--r-- | frontends/php/graphs.php | 4 | ||||
| -rw-r--r-- | frontends/php/hosts.php | 2 | ||||
| -rw-r--r-- | frontends/php/include/config.inc.php | 146 | ||||
| -rw-r--r-- | frontends/php/items.php | 4 | ||||
| -rw-r--r-- | frontends/php/latest.php | 2 | ||||
| -rw-r--r-- | frontends/php/queue.php | 2 | ||||
| -rw-r--r-- | frontends/php/report2.php | 2 | ||||
| -rw-r--r-- | frontends/php/screens.php | 2 | ||||
| -rw-r--r-- | frontends/php/services.php | 2 | ||||
| -rw-r--r-- | frontends/php/sysmaps.php | 4 | ||||
| -rw-r--r-- | frontends/php/tr_status.php | 2 | ||||
| -rw-r--r-- | frontends/php/triggers.php | 4 | ||||
| -rw-r--r-- | frontends/php/users.php | 2 |
14 files changed, 135 insertions, 45 deletions
diff --git a/frontends/php/config.php b/frontends/php/config.php index e061e7f5..fa5a5340 100644 --- a/frontends/php/config.php +++ b/frontends/php/config.php @@ -28,7 +28,7 @@ ?> <?php - if(!check_right("Configuration of Zabbix","U",0)) + if(!check_anyright("Configuration of Zabbix","U")) { show_table_header("<font color=\"AA0000\">No permissions !</font >"); diff --git a/frontends/php/graphs.php b/frontends/php/graphs.php index 3a637a05..d727a2e5 100644 --- a/frontends/php/graphs.php +++ b/frontends/php/graphs.php @@ -32,7 +32,7 @@ ?> <?php - if(!check_right("Graph","U",0)) + if(!check_allright("Graph","U")) { show_table_header("<font color=\"AA0000\">No permissions !</font>"); show_footer(); @@ -76,7 +76,7 @@ $col=0; while($row=DBfetch($result)) { - if(!check_right("Graph","R",$row["graphid"])) + if(!check_right("Graph","U",$row["graphid"])) { continue; } diff --git a/frontends/php/hosts.php b/frontends/php/hosts.php index 1e1c378b..a6665399 100644 --- a/frontends/php/hosts.php +++ b/frontends/php/hosts.php @@ -27,7 +27,7 @@ ?> <?php - if(!check_right("Host","U",0)) + if(!check_anyright("Host","U")) { show_table_header("<font color=\"AA0000\">No permissions !</font>"); show_footer(); diff --git a/frontends/php/include/config.inc.php b/frontends/php/include/config.inc.php index 0864fedc..f3e3b798 100644 --- a/frontends/php/include/config.inc.php +++ b/frontends/php/include/config.inc.php @@ -116,6 +116,96 @@ return $row["cnt"]; } + function check_anyright($right,$permission) + { + global $USER_DETAILS; + + $sql="select permission from rights where name='Default permission' and userid=".$USER_DETAILS["userid"]; + $result=DBselect($sql); + + $default_permission="H"; + if(DBnum_rows($result)>0) + { + $default_permission=""; + while($row=DBfetch($result)) + { + $default_permission=$default_permission.$row["permission"]; + } + } +# default_permission + + $sql="select permission from rights where name='$right' and id!=0 and userid=".$USER_DETAILS["userid"]; + $result=DBselect($sql); + + $all_permissions=""; + if(DBnum_rows($result)>0) + { + while($row=DBfetch($result)) + { + $all_permissions=$all_permissions.$row["permission"]; + } + } +# all_permissions + +// echo "$all_permissions|$default_permission<br>"; + + switch ($permission) { + case 'A': + if(strstr($all_permissions,"A")) + { + return 1; + } + if(strstr($default_permission,"H")) + { + return 0; + } + else if(strstr($default_permission,"A")) + { + return 1; + } + break; + case 'R': + if(strstr($all_permissions,"R")) + { + return 1; + } + else if(strstr($all_permissions,"U")) + { + return 1; + } + if(strstr($default_permission,"H")) + { + return 0; + } + else if(strstr($default_permission,"R")) + { + return 1; + } + else if(strstr($default_permission,"U")) + { + return 1; + } + break; + case 'U': + if(strstr($all_permissions,"U")) + { + return 1; + } + if(strstr($default_permission,"H")) + { + return 0; + } + else if(strstr($default_permission,"U")) + { + return 1; + } + break; + default: + return 0; + } + return 0; + } + function check_right($right,$permission,$id) { global $USER_DETAILS; @@ -930,7 +1020,7 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; <tr> <td colspan=1 bgcolor=FFFFFF align=center valign=top width=15%> <?php - if(check_right("Host","R",0)) + if(check_anyright("Host","R")) { echo "<a href=\"latest.php\">"; } @@ -947,7 +1037,7 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; </td> <td colspan=1 bgcolor=FFFFFF align=center valign=top width=10%> <?php - if(check_right("Host","R",0)) + if(check_anyright("Host","R")) { echo "<a href=\"tr_status.php?notitle=true&onlytrue=true&noactions=true&compact=true\">"; } @@ -963,7 +1053,7 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; </td> <td colspan=1 bgcolor=FFFFFF align=center valign=top width=10%> <?php - if(check_right("Host","R",0)) + if(check_anyright("Host","R")) { echo "<a href=\"queue.php\">"; } @@ -979,7 +1069,7 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; </td> <td colspan=1 bgcolor=FFFFFF align=center valign=top width=10%> <?php - if(check_right("Default permission","R",0)) + if(check_anyright("Default permission","R")) { echo "<a href=\"latestalarms.php\">"; } @@ -998,7 +1088,7 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; </td> <td colspan=1 bgcolor=FFFFFF align=center valign=top width=15%> <?php - if(check_right("Default permission","R",0)) + if(check_anyright("Default permission","R")) { echo "<a href=\"alerts.php\">"; } @@ -1016,7 +1106,7 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; </td> <td colspan=1 bgcolor=FFFFFF align=center valign=top width=15%> <?php - if(check_right("Network map","R",0)) + if(check_anyright("Network map","R")) { echo "<a href=\"maps.php\">"; } @@ -1034,7 +1124,7 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; </td> <td colspan=1 bgcolor=FFFFFF align=center valign=top width=15%> <?php - if(check_right("Graph","R",0)) + if(check_anyright("Graph","R")) { echo "<a href=\"charts.php\">"; } @@ -1052,7 +1142,7 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; </td> <td colspan=1 bgcolor=FFFFFF align=center valign=top width=15%> <?php - if(check_right("Screen","R",0)) + if(check_anyright("Screen","R")) { echo "<a href=\"screens.php\">"; } @@ -1071,7 +1161,7 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; <td colspan=1 bgcolor=FFFFFF align=center valign=top width=15%> <?php - if(check_right("Service","R",0)) + if(check_anyright("Service","R")) { echo "<a href=\"srv_status.php\">"; } @@ -1103,7 +1193,7 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; </td> <td colspan=2 bgcolor=FFFFFF align=center valign=top width=15%> <?php - if(check_right("Default permission","R",0)) + if(check_anyright("Default permission","R")) { echo "<a href=\"about.php\">"; } @@ -1121,7 +1211,7 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; </td> <td colspan=2 bgcolor=FFFFFF align=center valign=top width=15%> <?php - if(check_right("Default permission","R",0)) + if(check_anyright("Default permission","R")) { echo "<a href=\"report1.php\">"; } @@ -1139,7 +1229,7 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; </td> <td colspan=3 bgcolor=FFFFFF align=center valign=top width=15%> <?php - if(check_right("Host","R",0)) + if(check_anyright("Host","R")) { echo "<a href=\"report2.php\">"; } @@ -1158,19 +1248,19 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; </tr> <?php // Third row - if( check_right("Configuration of Zabbix","U",0) + if( check_anyright("Configuration of Zabbix","U") || - check_right("User","U",0) + check_anyright("User","U") || - check_right("Host","U",0) + check_anyright("Host","U") || - check_right("Graph","U",0) + check_anyright("Graph","U") || - check_right("Screen","U",0) + check_anyright("Screen","U") || - check_right("Network map","U",0) + check_anyright("Network map","U") || - check_right("Service","U",0) + check_anyright("Service","U") ) { @@ -1178,7 +1268,7 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; <tr> <td colspan=1 bgcolor=FFFFFF align=center valign=top width=15%> <?php - if(check_right("Configuration of Zabbix","U",0)) + if(check_anyright("Configuration of Zabbix","U")) { echo "<a href=\"config.php\">"; } @@ -1194,7 +1284,7 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; </td> <td colspan=1 bgcolor=FFFFFF align=center valign=top width=10%> <?php - if(check_right("User","U",0)) + if(check_anyright("User","U")) { echo "<a href=\"users.php\">"; } @@ -1211,7 +1301,7 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; </td> <td colspan=1 bgcolor=FFFFFF align=center valign=top width=10%> <?php - if(check_right("Host","U",0)) + if(check_anyright("Host","U")) { echo "<a href=\"hosts.php\">"; } @@ -1227,7 +1317,7 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; </td> <td colspan=1 bgcolor=FFFFFF align=center valign=top width=10%> <?php - if(check_right("Host","U",0)) + if(check_anyright("Host","U")) { echo "<a href=\"items.php\">"; } @@ -1243,7 +1333,7 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; </td> <td colspan=1 bgcolor=FFFFFF align=center valign=top width=15%> <?php - if(check_right("Host","U",0)) + if(check_anyright("Host","U")) { echo "<a href=\"triggers.php\">"; } @@ -1260,7 +1350,7 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; </td> <td colspan=1 bgcolor=FFFFFF align=center valign=top width=15%> <?php - if(check_right("Network map","U",0)) + if(check_anyright("Network map","U")) { echo "<a href=\"sysmaps.php\">"; } @@ -1277,7 +1367,7 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; </td> <td colspan=1 bgcolor=FFFFFF align=center valign=top width=15%> <?php - if(check_right("Graph","U",0)) + if(check_anyright("Graph","U")) { echo "<a href=\"graphs.php\">"; } @@ -1294,7 +1384,7 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; </td> <td colspan=1 bgcolor=FFFFFF align=center valign=top width=15%> <?php - if(check_right("Screen","U",0)) + if(check_anyright("Screen","U")) { echo "<a href=\"screenconf.php\">"; } @@ -1312,7 +1402,7 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; <td colspan=1 bgcolor=FFFFFF align=center valign=top width=15%> <?php - if(check_right("Service","U",0)) + if(check_anyright("Service","U")) { echo "<a href=\"services.php\">"; } diff --git a/frontends/php/items.php b/frontends/php/items.php index 79e4c989..ef86ec2c 100644 --- a/frontends/php/items.php +++ b/frontends/php/items.php @@ -28,7 +28,7 @@ ?> <?php - if(!check_right("Host","U",0)) + if(!check_anyright("Host","U")) { show_table_header("<font color=\"AA0000\">No permissions !</font >"); @@ -178,7 +178,7 @@ // $result=DBselect("select hostid,host from hosts order by host"); while($row=DBfetch($result)) { - if(!check_right("Host","R",$row["hostid"])) + if(!check_right("Host","U",$row["hostid"])) { continue; } diff --git a/frontends/php/latest.php b/frontends/php/latest.php index c36a1469..41674d99 100644 --- a/frontends/php/latest.php +++ b/frontends/php/latest.php @@ -26,7 +26,7 @@ ?> <?php - if(!check_right("Host","R",0)) + if(!check_anyright("Host","R")) { show_table_header("<font color=\"AA0000\">No permissions !</font>"); show_footer(); diff --git a/frontends/php/queue.php b/frontends/php/queue.php index 24794f1c..91c144d0 100644 --- a/frontends/php/queue.php +++ b/frontends/php/queue.php @@ -27,7 +27,7 @@ ?> <?php - if(!check_right("Host","R",0)) + if(!check_anyright("Host","R")) { show_table_header("<font color=\"AA0000\">No permissions !</font>"); show_footer(); diff --git a/frontends/php/report2.php b/frontends/php/report2.php index e2e17724..84a20159 100644 --- a/frontends/php/report2.php +++ b/frontends/php/report2.php @@ -26,7 +26,7 @@ ?> <?php - if(!check_right("Host","R",0)) + if(!check_anyright("Host","R")) { show_table_header("<font color=\"AA0000\">No permissions !</font>"); show_footer(); diff --git a/frontends/php/screens.php b/frontends/php/screens.php index f0fcd9cd..16b1b974 100644 --- a/frontends/php/screens.php +++ b/frontends/php/screens.php @@ -51,7 +51,7 @@ $result=DBselect("select screenid,name,cols,rows from screens order by name"); while($row=DBfetch($result)) { - if(!check_right("Screen","R",$row["screenid"])) + if(!check_right("Screen","U",$row["screenid"])) { continue; } diff --git a/frontends/php/services.php b/frontends/php/services.php index 7380f9fc..aedc3154 100644 --- a/frontends/php/services.php +++ b/frontends/php/services.php @@ -28,7 +28,7 @@ ?> <?php - if(!check_right("Service","U",0)) + if(!check_anyright("Service","U")) { show_table_header("<font color=\"AA0000\">No permissions !</font>"); show_footer(); diff --git a/frontends/php/sysmaps.php b/frontends/php/sysmaps.php index 30c9a5e2..bb23b66d 100644 --- a/frontends/php/sysmaps.php +++ b/frontends/php/sysmaps.php @@ -27,7 +27,7 @@ ?> <?php - if(!check_right("Network map","U",0)) + if(!check_anyright("Network map","U")) { show_table_header("<font color=\"AA0000\">No permissions !</font>"); show_footer(); @@ -76,7 +76,7 @@ $col=0; while($row=DBfetch($result)) { - if(!check_right("Network map","R",$row["sysmapid"])) + if(!check_right("Network map","U",$row["sysmapid"])) { continue; } diff --git a/frontends/php/tr_status.php b/frontends/php/tr_status.php index fbb39e5a..5d76e9dd 100644 --- a/frontends/php/tr_status.php +++ b/frontends/php/tr_status.php @@ -83,7 +83,7 @@ } ?> <?php - if(!check_right("Host","R",0)) + if(!check_anyright("Host","R")) { show_table_header("<font color=\"AA0000\">No permissions !</font>"); show_footer(); diff --git a/frontends/php/triggers.php b/frontends/php/triggers.php index b13df9f9..1924e39e 100644 --- a/frontends/php/triggers.php +++ b/frontends/php/triggers.php @@ -28,7 +28,7 @@ ?> <?php - if(!check_right("Host","U",0)) + if(!check_anyright("Host","U")) { show_table_header("<font color=\"AA0000\">No permissions !</font >"); @@ -186,7 +186,7 @@ $result=DBselect($sql); while($row=DBfetch($result)) { - if(!check_right("Host","R",$row["hostid"])) + if(!check_right("Host","U",$row["hostid"])) { continue; } diff --git a/frontends/php/users.php b/frontends/php/users.php index 59103960..4f961a16 100644 --- a/frontends/php/users.php +++ b/frontends/php/users.php @@ -28,7 +28,7 @@ ?> <?php - if(!check_right("User","U",0)) + if(!check_anyright("User","U")) { show_table_header("<font color=\"AA0000\">No permissions !</font >"); |