diff options
| author | hugetoad <hugetoad@97f52cf1-0a1b-0410-bd0e-c28be96e8082> | 2002-05-07 10:41:18 +0000 |
|---|---|---|
| committer | hugetoad <hugetoad@97f52cf1-0a1b-0410-bd0e-c28be96e8082> | 2002-05-07 10:41:18 +0000 |
| commit | fefeed0a362b96cfcbc252adfa1e41b9035d8b9e (patch) | |
| tree | d8ea8461f3c5a917e5add76012ff78d95973de1c /frontends/php | |
| parent | 8dfc2751c6834cd9942254fdba3f1a4b559ecf13 (diff) | |
- added default user "guest" (Alexei)
- more support for flexible permissions (Alexei)
git-svn-id: svn://svn.zabbix.com/trunk@357 97f52cf1-0a1b-0410-bd0e-c28be96e8082
Diffstat (limited to 'frontends/php')
| -rw-r--r-- | frontends/php/alerts.php | 5 | ||||
| -rw-r--r-- | frontends/php/include/config.inc | 124 | ||||
| -rw-r--r-- | frontends/php/maps.php | 14 | ||||
| -rw-r--r-- | frontends/php/sysmaps.php | 21 |
4 files changed, 148 insertions, 16 deletions
diff --git a/frontends/php/alerts.php b/frontends/php/alerts.php index a06bec09..bb1b1768 100644 --- a/frontends/php/alerts.php +++ b/frontends/php/alerts.php @@ -50,6 +50,11 @@ $col=0; while($row=DBfetch($result)) { + if(!check_right("User","R",$row["userid"])) + { + continue; + } + if($col++%2==0) { echo "<tr bgcolor=#DDDDDD>"; } else { echo "<tr bgcolor=#EEEEEE>"; } diff --git a/frontends/php/include/config.inc b/frontends/php/include/config.inc index 88dffba8..775dca69 100644 --- a/frontends/php/include/config.inc +++ b/frontends/php/include/config.inc @@ -112,9 +112,27 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; { $ERROR_MSG="No user with itemid=[$userid]"; } - return $user; + return $result; + } + + function get_map_by_sysmapid($sysmapid) + { + global $ERROR_MSG; + + $sql="select * from sysmaps where sysmapid=$sysmapid"; + $result=DBselect($sql); + if(DBnum_rows($result) == 1) + { + return DBfetch($result); + } + else + { + $ERROR_MSG="No system map with sysmapid=[$sysmapid]"; + } + return $result; } + function get_item_by_itemid($itemid) { global $ERROR_MSG; @@ -436,6 +454,11 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; global $PHP_AUTH_USER,$PHP_AUTH_PW; global $USER_DETAILS; + if(!isset($PHP_AUTH_USER)) + { + $PHP_AUTH_USER="guest"; + } + $passwd=md5($PHP_AUTH_PW); $sql="select g.groupid,u.userid,u.alias,u.name,u.surname from users u,groups g where u.alias='$PHP_AUTH_USER' and u.passwd='$passwd' and u.groupid=g.groupid"; @@ -1062,6 +1085,12 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; { global $ERROR_MSG; + if(!check_right("Trigger comment","U",$row["hostid"])) + { + $ERROR_MSG="Insufficient permissions"; + return 0; + } + $comments=addslashes($comments); $sql="update triggers set comments='$comments' where triggerid=$triggerid"; return DBexecute($sql); @@ -1095,6 +1124,14 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; function update_item($itemid,$description,$key,$hostid,$delay,$history,$status,$type,$snmp_community,$snmp_oid,$value_type) { + global $ERROR_MSG; + + if(!check_right("Item","U",$itemid)) + { + $ERROR_MSG="Insufficient permissions"; + return 0; + } + $sql="update items set description='$description',key_='$key',hostid=$hostid,delay=$delay,history=$history,lastdelete=0,nextcheck=0,status=$status,type=$type,snmp_community='$snmp_community',snmp_oid='$snmp_oid',value_type=$value_type where itemid=$itemid"; return DBexecute($sql); } @@ -1360,6 +1397,14 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; function add_item($description,$key,$hostid,$delay,$history,$status,$type,$snmp_community,$snmp_oid,$value_type) { + global $ERROR_MSG; + + if(!check_right("Item","A",0)) + { + $ERROR_MSG="Insufficient permissions"; + return 0; + } + $sql="insert into items (description,key_,hostid,delay,history,lastdelete,nextcheck,status,type,snmp_community,snmp_oid,value_type) values ('$description','$key',$hostid,$delay,$history,0,0,$status,$type,'$snmp_community','$snmp_oid',$value_type)"; $result=DBexecute($sql); return DBinsert_id($result,"items","itemid"); @@ -1445,6 +1490,14 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; function add_trigger($expression,$description,$priority,$istrue,$comments,$url) { + global $ERROR_MSG; + + if(!check_right("Trigger","A",0)) + { + $ERROR_MSG="Insufficient permissions"; + return 0; + } + $description=addslashes($description); $sql="insert into triggers (description,priority,istrue,comments,url) values ('$description',$priority,$istrue,'$comments','$url')"; # echo $sql,"<br>"; @@ -1518,6 +1571,14 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; function update_user($userid,$groupid,$name,$surname,$alias,$passwd) { + global $ERROR_MSG; + + if(!check_right("User","U",$userid)) + { + $ERROR_MSG="Insufficient permissions"; + return 0; + } + if($passwd=="") { $sql="update users set groupid=$groupid,name='$name',surname='$surname',alias='$alias' where userid=$userid"; @@ -1542,6 +1603,14 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; function add_user($groupid,$name,$surname,$alias,$passwd) { + global $ERROR_MSG; + + if(!check_right("User","A",0)) + { + $ERROR_MSG="Insufficient permissions"; + return 0; + } + $passwd=md5($passwd); $sql="insert into users (groupid,name,surname,alias,passwd) values ($groupid,'$name','$surname','$alias','$passwd')"; return DBexecute($sql); @@ -1598,6 +1667,14 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; function update_sysmap($sysmapid,$name,$width,$height) { + global $ERROR_MSG; + + if(!check_right("Network map","U",$sysmapid)) + { + $ERROR_MSG="Insufficient permissions"; + return 0; + } + $sql="update sysmaps set name='$name',width=$width,height=$height where sysmapid=$sysmapid"; return DBexecute($sql); } @@ -1620,6 +1697,14 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; function add_sysmap($name,$width,$height) { + global $ERROR_MSG; + + if(!check_right("Network map","A",0)) + { + $ERROR_MSG="Insufficient permissions"; + return 0; + } + $sql="insert into sysmaps (name,width,height) values ('$name',$width,$height)"; return DBexecute($sql); } @@ -1697,6 +1782,12 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; { global $ERROR_MSG; + if(!check_right("Host","A",0)) + { + $ERROR_MSG="Insufficient permissions"; + return 0; + } + if(($template=="true") && ($host_templateid!=0)) { $ERROR_MSG="Choose either 'Add zabbix_agent parameters' or 'Use host as template' option"; @@ -1733,6 +1824,14 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; function update_host($hostid,$host,$port,$status,$useip,$ip) { + global $ERROR_MSG; + + if(!check_right("Host","U",$hostid)) + { + $ERROR_MSG="Insufficient permissions"; + return 0; + } + if($useip=="on") { $useip=1; @@ -1851,6 +1950,16 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; function delete_user($userid) { + global $ERROR_MSG; + + $sql="select * from users where userid=$userid and alias='guest'"; + $result=DBselect($sql); + if(DBnum_rows($result) == 1) + { + $ERROR_MSG="Cannot delete user 'guest'"; + return 0; + } + delete_media_by_userid($userid); delete_actions_by_userid($userid); @@ -2377,6 +2486,7 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; echo "<option value=\"Default permission\">Default permission"; echo "<option value=\"Host\">Host"; echo "<option value=\"Item\">Item"; + echo "<option value=\"Network map\">Network map"; echo "<option value=\"Trigger comment\">Trigger's comment"; echo "<option value=\"User\">User"; echo "</select>"; @@ -2810,6 +2920,18 @@ where h.hostid=i.hostid and i.itemid=f.itemid and f.triggerid=$triggerid"; $res="All users"; } } + else if($permission=="System map") + { + if(isset($id)&&($id!=0)) + { + $user=get_map_by_sysmapid($id); + $res=$user["name"]; + } + else + { + $res="All system maps"; + } + } return $res; } ?> diff --git a/frontends/php/maps.php b/frontends/php/maps.php index ab8c70c9..801549f1 100644 --- a/frontends/php/maps.php +++ b/frontends/php/maps.php @@ -31,16 +31,18 @@ $lasthost=""; $result=DBselect("select sysmapid,name from sysmaps order by name"); - for($i=0;$i<DBnum_rows($result);$i++) + while($row=DBfetch($result)) { - $sysmapid_=DBget_field($result,$i,0); - $name=DBget_field($result,$i,1); - if( isset($sysmapid) && ($sysmapid == $sysmapid_) ) + if(!check_right("Network map","R",$row["sysmapid"])) + { + continue; + } + if( isset($sysmapid) && ($sysmapid == $row["sysmapid"]) ) { echo "<b>["; } - echo "<a href='maps.php?sysmapid=$sysmapid_'>$name</a>"; - if(isset($sysmapid) && ($sysmapid == $sysmapid_) ) + echo "<a href='maps.php?sysmapid=".$row["sysmapid"]."'>".$row["name"]."</a>"; + if(isset($sysmapid) && ($sysmapid == $row["sysmapid"]) ) { echo "]</b>"; } diff --git a/frontends/php/sysmaps.php b/frontends/php/sysmaps.php index 87f95786..a0133059 100644 --- a/frontends/php/sysmaps.php +++ b/frontends/php/sysmaps.php @@ -35,6 +35,7 @@ <? show_table_header("NETWORK MAPS"); echo "<TABLE BORDER=0 COLS=4 WIDTH=\"100%\" BGCOLOR=\"#CCCCCC\" cellspacing=1 cellpadding=3>"; + echo "<TD WIDTH=\"10%\" NOSAVE><B>Id</B></TD>"; echo "<TD WIDTH=\"10%\" NOSAVE><B>Name</B></TD>"; echo "<TD WIDTH=\"10%\" NOSAVE><B>Width</B></TD>"; echo "<TD WIDTH=\"10%\" NOSAVE><B>Height</B></TD>"; @@ -44,8 +45,13 @@ $result=DBselect("select s.sysmapid,s.name,s.width,s.height from sysmaps s order by s.name"); echo "<CENTER>"; $col=0; - for($i=0;$i<DBnum_rows($result);$i++) + while($row=DBfetch($result)) { + if(!check_right("Network map","R",$row["sysmapid"])) + { + continue; + } + if($col==1) { echo "<TR BGCOLOR=#EEEEEE>"; @@ -56,14 +62,11 @@ $col=1; } - $sysmapid_=DBget_field($result,$i,0); - $name_=DBget_field($result,$i,1); - $width_=DBget_field($result,$i,2); - $height_=DBget_field($result,$i,3); - echo "<TD><a href=\"sysmap.php?sysmapid=$sysmapid_\">$name_</a></TD>"; - echo "<TD>$width_</TD>"; - echo "<TD>$height_</TD>"; - echo "<TD><A HREF=\"sysmaps.php?sysmapid=$sysmapid_#form\">Change</A> - <A HREF=\"sysmaps.php?register=delete&sysmapid=$sysmapid_\">Delete</A></TD>"; + echo "<TD>".$row["sysmapid"]."</TD>"; + echo "<TD><a href=\"sysmap.php?sysmapid=".$row["sysmapid"]."\">".$row["name"]."</a></TD>"; + echo "<TD>".$row["width"]."</TD>"; + echo "<TD>".$row["height"]."</TD>"; + echo "<TD><A HREF=\"sysmaps.php?sysmapid=".$row["sysmapid"]."#form\">Change</A> - <A HREF=\"sysmaps.php?register=delete&sysmapid=".$row["sysmapid"]."\">Delete</A></TD>"; echo "</TR>"; } echo "</TABLE>"; |