From 717eb6f9ed27471f3213d188d29bd267ff726a0f Mon Sep 17 00:00:00 2001 From: artem Date: Tue, 17 Jun 2008 13:51:42 +0000 Subject: - [DEV-178] fixes to permission scheme in DM setup (Artem) - [DEV-153] changes in brute force blocking scheme (Artem) git-svn-id: svn://svn.zabbix.com/trunk@5775 97f52cf1-0a1b-0410-bd0e-c28be96e8082 --- frontends/php/include/config.inc.php | 37 ++++++++++------- frontends/php/include/defines.inc.php | 2 +- frontends/php/include/forms.inc.php | 73 ++++++++++++++------------------ frontends/php/include/perm.inc.php | 23 ++++++++--- frontends/php/index.php | 14 +++++-- frontends/php/nodes.php | 2 + frontends/php/popup_right.php | 78 ++++++++++++++++++----------------- frontends/php/styles/form.css | 72 ++++++++++++++++---------------- frontends/php/styles/table.css | 6 +-- frontends/php/tr_status.php | 4 +- 10 files changed, 162 insertions(+), 149 deletions(-) (limited to 'frontends') diff --git a/frontends/php/include/config.inc.php b/frontends/php/include/config.inc.php index 6dbd676a..a6caf779 100644 --- a/frontends/php/include/config.inc.php +++ b/frontends/php/include/config.inc.php @@ -220,7 +220,7 @@ function TODO($msg) { echo "TODO: ".$msg.SBR; } // DEBUG INFO!!! $ZBX_WITH_SUBNODES = get_cookie('zbx_with_subnodes', false); // Show elements from subnodes if(isset($_REQUEST['switch_node'])){ - if($node_data = DBfetch(DBselect("select * from nodes where nodeid=".$_REQUEST['switch_node']))){ + if($node_data = DBfetch(DBselect('SELECT * FROM nodes WHERE nodeid='.$_REQUEST['switch_node']))){ $ZBX_CURRENT_NODEID = $_REQUEST['switch_node']; } unset($node_data); 
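Review bot: The rewritten query in the `switch_node` branch still appends `$_REQUEST['switch_node']` to the SQL text unquoted, and the same value is then stored in `$ZBX_CURRENT_NODEID` and concatenated into the next node lookup (the -230 hunk). No validation of the parameter is visible here, so unless it is checked before this code runs, build the query as `DBselect('SELECT * FROM nodes WHERE nodeid='.zbx_dbstr($_REQUEST['switch_node']))` or reject any value that is not all digits. The context line `' WHERE r.groupid='.$_REQUEST["usrgrpid"]` in the forms.inc.php -988 hunk has the same shape. The enclosing block starts and ends outside the hunk.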
@@ -230,11 +230,17 @@ function TODO($msg) { echo "TODO: ".$msg.SBR; } // DEBUG INFO!!! $ZBX_WITH_SUBNODES = !empty($_REQUEST['show_subnodes']); } - if($node_data = DBfetch(DBselect("select * from nodes where nodeid=".$ZBX_CURRENT_NODEID))){ + if($node_data = DBfetch(DBselect('SELECT * FROM nodes WHERE nodeid='.$ZBX_CURRENT_NODEID))){ $ZBX_CURMASTERID = $node_data['masterid']; } - $ZBX_NODES = get_accessible_nodes_by_user($USER_DETAILS, PERM_READ_LIST, PERM_RES_DATA_ARRAY); +// $ZBX_NODES = get_accessible_nodes_by_user($USER_DETAILS, PERM_READ_LIST, PERM_RES_DATA_ARRAY); + + $sql = 'SELECT * FROM nodes'; + $db_nodes = DBselect($sql); + while($node = DBfetch($db_nodes)){ + $ZBX_NODES[$node['nodeid']] = $node; + } if ( !isset($ZBX_NODES[$ZBX_CURRENT_NODEID]) ){ $denyed_page_requested = true; @@ -242,14 +248,14 @@ function TODO($msg) { echo "TODO: ".$msg.SBR; } // DEBUG INFO!!! $ZBX_CURMASTERID = $ZBX_LOCMASTERID; } - foreach ( $ZBX_NODES as $nodeid => $node_data ){ - for ( $curr_node = &$node_data; - $curr_node['masterid'] != 0 && - (bccomp($curr_node['masterid'] , $ZBX_CURRENT_NODEID) != 0); - $curr_node = &$ZBX_NODES[$curr_node['masterid']] - ); + foreach($ZBX_NODES as $nodeid => $node_data ){ + $curr_node = &$node_data; + + while(($curr_node['masterid']!=0) && (bccomp($curr_node['masterid'],$ZBX_CURRENT_NODEID)!=0)){ + $curr_node = &$ZBX_NODES[$curr_node['masterid']]; + } - if (bccomp($curr_node['masterid'],$ZBX_CURRENT_NODEID) == 0 ){ + if(bccomp($curr_node['masterid'],$ZBX_CURRENT_NODEID) == 0 ){ $ZBX_CURRENT_SUBNODES[$nodeid] = $nodeid; } } 
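Review bot: `$ZBX_NODES` is now filled from `SELECT * FROM nodes` with no per-user filter, so the `!isset($ZBX_NODES[$ZBX_CURRENT_NODEID])` test that sets `$denyed_page_requested` only checks that the node exists, whereas the replaced call asked for `PERM_READ_LIST` for `$USER_DETAILS`. If the unfiltered list is there to avoid a call cycle (`get_accessible_nodes_by_user()` now calls `get_current_nodeid()`, see the perm.inc.php -389 hunk), the access check on the current node should be restored as a separate step after the list is built. A comment above the query should then state that the list is deliberately not permission-filtered. `$ZBX_NODES` is also not initialised inside the hunk, so with an empty table the later `foreach` would get an unset variable unless it is set earlier; `$ZBX_NODES = array();` before the `while` covers that. The enclosing function begins and ends outside the hunk.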
@@ -271,14 +277,12 @@ function TODO($msg) { echo "TODO: ".$msg.SBR; } // DEBUG INFO!!! function get_current_nodeid($forse_with_subnodes = null, $perm = null){ global $USER_DETAILS, $ZBX_CURRENT_NODEID, $ZBX_CURRENT_SUBNODES, $ZBX_WITH_SUBNODES; - if(!isset($ZBX_CURRENT_NODEID)) init_nodes(); $result = ( is_show_subnodes($forse_with_subnodes) ? $ZBX_CURRENT_SUBNODES : $ZBX_CURRENT_NODEID ); - if(!is_null($perm)){ - $result = get_accessible_nodes_by_user($USER_DETAILS, PERM_READ_ONLY, null, null, $result); + $result = get_accessible_nodes_by_user($USER_DETAILS, PERM_READ_ONLY, null, $result); } return $result; @@ -301,13 +305,14 @@ function TODO($msg) { echo "TODO: ".$msg.SBR; } // DEBUG INFO!!! function is_show_subnodes($forse_with_subnodes = null){ global $ZBX_WITH_SUBNODES; - if ( is_null($forse_with_subnodes)){ - if ( defined('ZBX_DISABLE_SUBNODES')) + if(is_null($forse_with_subnodes)){ + if(defined('ZBX_DISABLE_SUBNODES')) $forse_with_subnodes = false; else $forse_with_subnodes = $ZBX_WITH_SUBNODES; } - return $forse_with_subnodes; + + return $forse_with_subnodes; } function access_deny(){ diff --git a/frontends/php/include/defines.inc.php b/frontends/php/include/defines.inc.php index 03f0f2d2..7b3986ec 100644 --- a/frontends/php/include/defines.inc.php +++ b/frontends/php/include/defines.inc.php @@ -32,7 +32,7 @@ define('PAGE_TYPE_HTML_BLOCK', 4); //simple block of html (as text) define('ZBX_LOGIN_ATTEMPTS', 5); - define('ZBX_LOGIN_BLOCK', 180); + define('ZBX_LOGIN_BLOCK', 30); define('T_ZBX_STR', 0); define('T_ZBX_INT', 1); diff --git a/frontends/php/include/forms.inc.php b/frontends/php/include/forms.inc.php index 5cb2d04c..898d359e 100644 --- a/frontends/php/include/forms.inc.php +++ b/frontends/php/include/forms.inc.php 
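Review bot: The new call `get_accessible_nodes_by_user($USER_DETAILS, PERM_READ_ONLY, null, $result)` in `get_current_nodeid()` passes four arguments, but the perm.inc.php -389 hunk of this commit reduces that function to three parameters, so `$result` is silently dropped. The node set chosen from `$forse_with_subnodes` then has no effect whenever `$perm` is given, because the callee derives its own set from `get_current_nodeid(true)`. Either keep an optional `$nodeid=null` in the callee and fall back to `get_current_nodeid(true)` only when it is null, or drop the fourth argument here and document that a non-null `$perm` always implies the subnode set. The hard-coded `PERM_READ_ONLY` also means the value of `$perm` is never used beyond the null test, which deserves a comment.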
@@ -774,9 +774,9 @@ if(isset($userid)) $frmUser->AddVar("userid",$userid); if($profile==0){ - $frmUser->AddRow(S_ALIAS, new CTextBox("alias",$alias,20)); - $frmUser->AddRow(S_NAME, new CTextBox("name",$name,20)); - $frmUser->AddRow(S_SURNAME, new CTextBox("surname",$surname,20)); + $frmUser->AddRow(S_ALIAS, new CTextBox("alias",$alias,40)); + $frmUser->AddRow(S_NAME, new CTextBox("name",$name,40)); + $frmUser->AddRow(S_SURNAME, new CTextBox("surname",$surname,40)); } if(ZBX_AUTH_INTERNAL == $config['authentication_type']){ @@ -818,7 +818,7 @@ } $lstGroups = new CListBox('user_groups_to_del[]'); - $lstGroups->options['style'] = 'width: 270px'; + $lstGroups->options['style'] = 'width: 280px'; foreach($user_groups as $groupid => $group_name){ $lstGroups->AddItem($groupid, $group_name); @@ -951,19 +951,16 @@ } # Insert form for User Groups - function insert_usergroups_form() - { + function insert_usergroups_form(){ global $USER_DETAILS; $frm_title = S_USER_GROUP; - if(isset($_REQUEST["usrgrpid"])) - { + if(isset($_REQUEST["usrgrpid"])){ $usrgrp = get_group_by_usrgrpid($_REQUEST["usrgrpid"]); - $frm_title = S_USER_GROUP." \"".$usrgrp["name"]."\""; + $frm_title = S_USER_GROUP.' "'.$usrgrp['name'].'"'; } - if(isset($_REQUEST["usrgrpid"]) && !isset($_REQUEST["form_refresh"])) - { + if(isset($_REQUEST["usrgrpid"]) && !isset($_REQUEST["form_refresh"])){ $name = $usrgrp['name']; $users_status = $usrgrp['users_status']; @@ -988,11 +985,9 @@ ' LEFT JOIN nodes n on n.nodeid='.DBid2nodeid('g.groupid'). ' WHERE r.groupid='.$_REQUEST["usrgrpid"], ); - foreach($sqls as $sql) - { + foreach($sqls as $sql){ $db_rights = DBselect($sql); - while($db_right = DBfetch($db_rights)) - { + while($db_right = DBfetch($db_rights)){ if(isset($db_right['node_name'])) $db_right['name'] = $db_right['node_name'].':'.$db_right['name']; 
@@ -1004,9 +999,8 @@ } } } - else - { - $name = get_request("gname",""); + else{ + $name = get_request('gname',''); $users_status = get_request('users_status',0); $gui_access = get_request('gui_access',0); $group_users = get_request("group_users",array()); @@ -1020,12 +1014,12 @@ $frmUserG->SetHelp("web.users.groups.php"); $frmUserG->AddVar("config",get_request("config",1)); - if(isset($_REQUEST["usrgrpid"])) - { + if(isset($_REQUEST["usrgrpid"])){ $frmUserG->AddVar("usrgrpid",$_REQUEST["usrgrpid"]); } + $grName = new CTextBox("gname",$name,49); - $grName->options['style'] = 'width: 250px'; + $grName->options['style'] = 'width: 280px'; $frmUserG->AddRow(S_GROUP_NAME,$grName); $frmUserG->AddVar('group_rights', $group_rights); @@ -1033,7 +1027,7 @@ $frmUserG->AddVar('group_users', $group_users); $lstUsers = new CListBox('group_users_to_del[]'); - $lstUsers->options['style'] = 'width: 250px'; + $lstUsers->options['style'] = 'width: 280px'; foreach($group_users as $userid => $alias) { @@ -1081,14 +1075,12 @@ $lstWrite = new CListBox('right_to_del[read_write][]' ,null ,20); $lstRead = new CListBox('right_to_del[read_only][]' ,null ,20); - $lstDeny = new CListBox('right_to_del[deny][]' ,null ,20); + $lstDeny = new CListBox('right_to_del[deny][]' ,null ,20); - foreach($group_rights as $name => $element_data) - { - if($element_data['permission'] == PERM_DENY) $lstDeny->AddItem($name, $name); - elseif ($element_data['permission'] == PERM_READ_ONLY) $lstRead->AddItem($name, $name); - elseif ($element_data['permission'] == PERM_READ_WRITE) $lstWrite->AddItem($name, $name); - + foreach($group_rights as $name => $element_data){ + if($element_data['permission'] == PERM_DENY) $lstDeny->AddItem($name, $name); + else if($element_data['permission'] == PERM_READ_ONLY) $lstRead->AddItem($name, $name); + else if($element_data['permission'] == PERM_READ_WRITE) $lstWrite->AddItem($name, $name); } $table_Rights->SetHeader(array(S_READ_WRITE, S_READ_ONLY, S_DENY),'header'); 
@@ -1145,9 +1137,9 @@ if(ZBX_DISTRIBUTED){ $lst['node']['label'] = S_NODES; - $lst['node']['read_write'] = new CListBox('nodes_write' ,null ,6); - $lst['node']['read_only'] = new CListBox('nodes_read' ,null ,6); - $lst['node']['deny'] = new CListBox('nodes_deny' ,null ,6); + $lst['node']['read_write'] = new CListBox('nodes_write',null ,10); + $lst['node']['read_only'] = new CListBox('nodes_read' ,null ,10); + $lst['node']['deny'] = new CListBox('nodes_deny' ,null ,10); $nodes = get_accessible_nodes_by_rights($rights, $user_type, PERM_DENY, PERM_RES_DATA_ARRAY); foreach($nodes as $node){ @@ -1162,17 +1154,12 @@ } $lst['group']['label'] = S_HOST_GROUPS; - $lst['group']['read_write'] = new CListBox('groups_write' ,null ,10); - $lst['group']['read_only'] = new CListBox('groups_read' ,null ,10); - $lst['group']['deny'] = new CListBox('groups_deny' ,null ,10); + $lst['group']['read_write'] = new CListBox('groups_write' ,null ,15); + $lst['group']['read_only'] = new CListBox('groups_read' ,null ,15); + $lst['group']['deny'] = new CListBox('groups_deny' ,null ,15); - $groups = get_accessible_groups_by_rights($rights, $user_type, PERM_DENY, PERM_RES_DATA_ARRAY, get_current_nodeid(false)); -/* -SDI($groups); - $rights['userid'] = 3; - $available_groups= get_accessible_groups_by_user($rights, PERM_DENY, PERM_RES_DATA_ARRAY); -SDI($available_groups); -//*/ + $groups = get_accessible_groups_by_rights($rights, $user_type, PERM_DENY, PERM_RES_DATA_ARRAY, get_current_nodeid(true)); + foreach($groups as $group){ switch($group['permission']){ case PERM_READ_ONLY: 
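Review bot: Passing `true` to `get_current_nodeid()` in the `$groups` lookup bypasses `ZBX_DISABLE_SUBNODES`, because `is_show_subnodes()` consults that constant only when its argument is null (config.inc.php -301 hunk). The same literal is used for `$hosts` in the -1193 hunk and inside `get_accessible_nodes_by_user()` and `get_accessible_nodes_by_rights()` in perm.inc.php. If the rights editor is meant to list resources of every subnode, say so next to the call, for example `// rights form lists all subnodes on purpose, ZBX_DISABLE_SUBNODES is not applied`; otherwise pass `null` so the constant is honoured. The enclosing function starts and ends outside the hunk.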
@@ -1193,7 +1180,7 @@ SDI($available_groups); $lst['host']['read_only'] = new CListBox('hosts_read' ,null ,15); $lst['host']['deny'] = new CListBox('hosts_deny' ,null ,15); - $hosts = get_accessible_hosts_by_rights($rights, $user_type, PERM_DENY, PERM_RES_DATA_ARRAY, get_current_nodeid(false)); + $hosts = get_accessible_hosts_by_rights($rights, $user_type, PERM_DENY, PERM_RES_DATA_ARRAY, get_current_nodeid(true)); foreach($hosts as $host){ switch($host['permission']){ diff --git a/frontends/php/include/perm.inc.php b/frontends/php/include/perm.inc.php index 7e5dba6d..b4288da1 100644 --- a/frontends/php/include/perm.inc.php +++ b/frontends/php/include/perm.inc.php @@ -58,7 +58,14 @@ function check_authorisation(){ $incorect_session = true; } else if($login['attempt_failed']){ - error('There was ['.$login['attempt_failed'].'] failed attempts to Login from ['.$login['attempt_ip'].'] at ['.date('d.m.Y H:i',$login['attempt_clock']).'] o\'clock!'); + error(new CScript(array( + bold($login['attempt_failed']), + 'failed login attempts logged. Last failed attempt was from ', + bold($login['attempt_ip']), + ' on ', + bold(date('d.m.Y H:i',$login['attempt_clock'])), + '.'))); + DBexecute('UPDATE users SET attempt_failed=0 WHERE userid='.zbx_dbstr($login['userid'])); } } @@ -389,11 +396,13 @@ COpt::counter_up('perm'); return $result; } -function get_accessible_nodes_by_user(&$user_data,$perm,$perm_res=null,$nodeid=null){ +function get_accessible_nodes_by_user(&$user_data,$perm,$perm_res=null){ global $ZBX_LOCALNODEID; - + + $nodeid = get_current_nodeid(true); +//SDI($nodeid); if(is_null($perm_res)) $perm_res=PERM_RES_STRING_LINE; - + $userid =& $user_data['userid']; $user_type =& $user_data['type']; if(!isset($userid)) fatal_error('Incorrect user data in "get_accessible_nodes_by_user"'); 
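Review bot: In the perm.inc.php -58 hunk, `$login['attempt_ip']` now reaches `error()` wrapped in `bold()` inside a `CScript`, and nothing in the hunk shows that path HTML-escaping its items. The column holds whatever address was recorded for the failed request, so confirm that `CScript` and `bold()` encode their content, or encode at the call with `bold(htmlspecialchars($login['attempt_ip']))` if they emit items verbatim. The literal after the counter also lacks a leading space, so the message renders like `5failed login attempts logged.`; it should be `' failed login attempts logged. Last failed attempt was from '`. `check_authorisation()` continues outside the hunk.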
@@ -610,8 +619,10 @@ function get_accessible_groups_by_rights(&$rights,$user_type,$perm,$perm_res=nul return $result; } -function get_accessible_nodes_by_rights(&$rights,$user_type,$perm,$perm_res=null,$nodeid=null){ +function get_accessible_nodes_by_rights(&$rights,$user_type,$perm,$perm_res=null){ global $ZBX_LOCALNODEID; + + $nodeid = get_current_nodeid(true); if(is_null($perm_res)) $perm_res=PERM_RES_STRING_LINE; if(is_null($user_type)) $user_type = USER_TYPE_ZABBIX_USER; @@ -672,4 +683,4 @@ function get_accessible_nodes_by_rights(&$rights,$user_type,$perm,$perm_res=null return $result; } -?> \ No newline at end of file +?> diff --git a/frontends/php/index.php b/frontends/php/index.php index 831dba6d..1dc8bdd1 100644 --- a/frontends/php/index.php +++ b/frontends/php/index.php @@ -76,14 +76,20 @@ $sql = 'SELECT u.userid,u.attempt_failed, u.attempt_clock, u.attempt_ip '. ' FROM users u '. - ' WHERE u.alias='.zbx_dbstr($name). - ' AND ( attempt_failed<'.ZBX_LOGIN_ATTEMPTS. - ' OR (attempt_failed>'.(ZBX_LOGIN_ATTEMPTS-1). - ' AND ('.time().'-attempt_clock)>'.ZBX_LOGIN_BLOCK.'))'; + ' WHERE u.alias='.zbx_dbstr($name); + +//SQL to BLOCK attempts +// .' AND ( attempt_failed<'.ZBX_LOGIN_ATTEMPTS. +// ' OR (attempt_failed>'.(ZBX_LOGIN_ATTEMPTS-1). +// ' AND ('.time().'-attempt_clock)>'.ZBX_LOGIN_BLOCK.'))'; $login = $attempt = DBfetch(DBselect($sql)); if($login){ + if($login['attempt_failed'] >= ZBX_LOGIN_ATTEMPTS){ + sleep(ZBX_LOGIN_BLOCK); + } + switch($config['authentication_type']){ case ZBX_AUTH_LDAP: $login = ldap_authentication($name,get_request('password','')); diff --git a/frontends/php/nodes.php b/frontends/php/nodes.php index f0a3a10d..158e5ac4 100644 --- a/frontends/php/nodes.php +++ b/frontends/php/nodes.php 
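Review bot: Replacing the lockout clause in index.php with `sleep(ZBX_LOGIN_BLOCK)` no longer rejects attempts on an account that has reached `ZBX_LOGIN_ATTEMPTS`; each request is only delayed and then still evaluated, so requests sent in parallel are all checked after a single wait (which the defines.inc.php hunk lowers from 180 to 30). Each such request also holds a PHP worker for the whole sleep, and the delay occurs only for an existing alias with recorded failures, so it both ties up workers and lets response time reveal account state. Keeping the time-window test in PHP and failing the request without sleeping or calling the authentication backend avoids this, as sketched below. How the code after the `switch` records failures is outside the hunk, so check that a blocked request is counted the way you intend.

```php
	$login = $attempt = DBfetch(DBselect($sql));

	// Same window as the commented-out SQL: blocked while the failure count is
	// at the limit and the last failure is younger than ZBX_LOGIN_BLOCK seconds.
	$blocked = $attempt
		&& ($attempt['attempt_failed'] >= ZBX_LOGIN_ATTEMPTS)
		&& ((time() - $attempt['attempt_clock']) <= ZBX_LOGIN_BLOCK);

	if($blocked){
		// Fail like a wrong password: no sleep, no call to the auth backend.
		$login = false;
	}

	if($login){
		switch($config['authentication_type']){
		// … unchanged: per-backend authentication …
```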
@@ -110,6 +110,8 @@ include_once "include/page_header.php"; } ?> array(T_ZBX_STR, O_MAND,P_SYS, NOT_EMPTY, NULL), + "dstfrm"=> array(T_ZBX_STR, O_MAND,P_SYS, NOT_EMPTY, NULL), "permission"=> array(T_ZBX_INT, O_MAND,P_SYS, IN(PERM_DENY.','.PERM_READ_ONLY.','.PERM_READ_WRITE), NULL), - "type"=> array(T_ZBX_INT, O_OPT, P_SYS, IN(RESOURCE_TYPE_GROUP.(ZBX_DISTRIBUTED ? ','.RESOURCE_TYPE_NODE : '')), NULL) + "type"=> array(T_ZBX_INT, O_OPT, P_SYS, IN(RESOURCE_TYPE_GROUP.(ZBX_DISTRIBUTED ? ','.RESOURCE_TYPE_NODE : '')), NULL), + 'nodeid'=> array(T_ZBX_INT, O_OPT, P_SYS, DB_ID, NULL), + ); check_fields($fields); @@ -42,31 +44,29 @@ include_once "include/page_header.php"; $dstfrm = get_request("dstfrm", 0); // destination form $permission = get_request("permission", PERM_DENY); // right $type = get_request("type", RESOURCE_TYPE_GROUP); // type of resource + $nodeid = get_request('nodeid', get_current_nodeid(false)); update_profile('web.right_type.last', $type); ?>