This repository has been archived by the owner on Dec 13, 2022. It is now read-only.

Mon 2803 acl resources access (#6962)
* fix(hg) freeze hg edition compared acl

* fix(downtime) freeze form and hide button
loiclau authored and Matthieu Kermagoret committed Dec 14, 2018
1 parent e3d55f4 commit 9d73f2e
Showing 9 changed files with 234 additions and 83 deletions.
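--- a/lang/fr/LC_MESSAGES/messages.po
+++ b/lang/fr/LC_MESSAGES/messages.po
@@ -14690,3 +14690,9 @@ msgstr "Certains collecteurs ne sont pas à jour en base de données; vérifiez
 
 msgid "Latency detected, check configuration for better optimization"
 msgstr "Latence détectée, vérifiez la configuration pour une meilleure optimisation"
+
+msgid "You can't edit this downtime because you don't have access to all of its resources"
+msgstr "Vous ne pouvez pas éditer ce temps d’arrêt car vous n'êtes pas autorisé à accéder à toutes les ressources liées"
+
+msgid "You can't edit this hostgroup because you don't have access to all its resources"
+msgstr "Vous ne pouvez pas éditer groupe d'hote car vous n'êtes pas autorisé à accéder à toutes les ressources liées"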
175 changes: 114 additions & 61 deletions www/include/configuration/configObject/hostgroup/formHostGroup.ihtml
@@ -1,66 +1,119 @@
{$form.javascript}{$javascript}
<form {$form.attributes}>
<div id="validFormTop">
{if $o == "a" || $o == "c"}
<p class="oreonbutton">{$form.submitC.html}{$form.submitA.html}&nbsp;&nbsp;&nbsp;{$form.reset.html}</p>
{else if $o == "w"}
<p class="oreonbutton">{$form.change.html}</p>
{/if}
</div>
<div id='tab1' class='tab'>
<table class="formTable table">
<tr class="ListHeader">
<td class="FormHeader" colspan="2">
<h3>| {$form.header.title}</h3>
</td>
</tr>
<tr class="list_lvl_1">
<td class="ListColLvl1_name" colspan="2">
<h4>{$form.header.information}</h4>
</td>
</tr>
<tr class="list_one"><td class="FormRowField"><img class="helpTooltip" name="hostgroup_name"> {$form.hg_name.label}</td><td class="FormRowValue">{$form.hg_name.html}</td></tr>
<tr class="list_two"><td class="FormRowField"><img class="helpTooltip" name="alias"> {$form.hg_alias.label}</td><td class="FormRowValue">{$form.hg_alias.html}</td></tr>

<tr class="list_lvl_1">
<td class="ListColLvl1_name" colspan="2">
<h4>{$form.header.relation}</h4>
</td>
</tr>
<tr class="list_one"><td class="FormRowField"><img class="helpTooltip" name="members"> {$form.hg_hosts.label}</td><td class="FormRowValue"><p class="oreonbutton">{$form.hg_hosts.html} </p></td></tr>
{if !$form.msgacl }
<div id="validFormTop">
{if $o == "a" || $o == "c"}
<p class="oreonbutton">{$form.submitC.html}{$form.submitA.html}&nbsp;&nbsp;&nbsp;{$form.reset.html}</p>
{else if $o == "w"}
<p class="oreonbutton">{$form.change.html}</p>
{/if}
</div>
{/if}
{if $form.msgacl }
<div style="color: red; text-align: center; font-weight: bold; margin: 4px">
{t}You can't edit this hostgroup because you don't have access to all its resources{/t}
</div>
{/if}
<div id='tab1' class='tab'>
<table class="formTable table">
<tr class="ListHeader">
<td class="FormHeader" colspan="2">
<h3>| {$form.header.title}</h3>
</td>
</tr>
<tr class="list_lvl_1">
<td class="ListColLvl1_name" colspan="2">
<h4>{$form.header.information}</h4>
</td>
</tr>
<tr class="list_one">
<td class="FormRowField"><img class="helpTooltip" name="hostgroup_name"> {$form.hg_name.label}</td>
<td class="FormRowValue">{$form.hg_name.html}</td>
</tr>
<tr class="list_two">
<td class="FormRowField"><img class="helpTooltip" name="alias"> {$form.hg_alias.label}</td>
<td class="FormRowValue">{$form.hg_alias.html}</td>
</tr>

<tr class="list_lvl_1">
<td class="ListColLvl1_name" colspan="2">
<h4>{$form.header.extended}</h4>
</td>
</tr>
<tr class="list_one"><td class="FormRowField"><img class="helpTooltip" name="notes"> {$form.hg_notes.label}</td><td class="FormRowValue"><p class="oreonbutton">{$form.hg_notes.html}</p></td></tr>
<tr class="list_two"><td class="FormRowField"><img class="helpTooltip" name="notes_url"> {$form.hg_notes_url.label}</td><td class="FormRowValue"><p class="oreonbutton">{$form.hg_notes_url.html}</p></td></tr>
<tr class="list_one"><td class="FormRowField"><img class="helpTooltip" name="action_url"> {$form.hg_action_url.label}</td><td class="FormRowValue"><p class="oreonbutton">{$form.hg_action_url.html}</p></td></tr>
<tr class="list_two"><td class="FormRowField"><img class="helpTooltip" name="icon_image"> {$form.hg_icon_image.label}</td><td class="FormRowValue"><p class="oreonbutton">{$form.hg_icon_image.html}&nbsp;&nbsp;<img id='hg_icon_image_img' src='./img/blank.gif'></p></td></tr>
<tr class="list_one"><td class="FormRowField"><img class="helpTooltip" name="statusmap_image"> {$form.hg_map_icon_image.label}</td><td class="FormRowValue"><p class="oreonbutton">{$form.hg_map_icon_image.html}&nbsp;&nbsp;<img id='hg_map_icon_image' src='./img/blank.gif'></p></td></tr>
<tr class="list_two"><td class="FormRowField"><img class="helpTooltip" name="geo_coords"> {$form.geo_coords.label}</td><td class="FormRowValue">{$form.geo_coords.html}</td></tr>

<tr class="list_lvl_1">
<td class="ListColLvl1_name" colspan="2">
<h4>{$form.header.furtherInfos}</h4>
</td>
</tr>
<tr class="list_one"><td class="FormRowField"><img class="helpTooltip" name="hg_rrd_retention"> {$form.hg_rrd_retention.label}</td><td class="FormRowValue">{$form.hg_rrd_retention.html} {$days}</td></tr>
<tr class="list_two"><td class="FormRowField"><img class="helpTooltip" name="hg_comment"> {$form.hg_comment.label}</td><td class="FormRowValue">{$form.hg_comment.html}</td></tr>
<tr class="list_one"><td class="FormRowField"><img class="helpTooltip" name="hg_activate"> {$form.hg_activate.label}</td><td class="FormRowValue">{$form.hg_activate.html}</td></tr>
{if $o == "a" || $o == "c"}
<tr class="list_lvl_2"><td class="ListColLvl2_name" colspan="2">{$form.required._note}</td></tr>
{/if}
</table>
</div>
<div id="validForm">
{if $o == "a" || $o == "c"}
<p class="oreonbutton">{$form.submitC.html}{$form.submitA.html}&nbsp;&nbsp;&nbsp;{$form.reset.html}</p>
{else if $o == "w"}
<p class="oreonbutton">{$form.change.html}</p>
{/if}
</div>
{$form.hidden}
<tr class="list_lvl_1">
<td class="ListColLvl1_name" colspan="2">
<h4>{$form.header.relation}</h4>
</td>
</tr>
<tr class="list_one">
<td class="FormRowField"><img class="helpTooltip" name="members"> {$form.hg_hosts.label}</td>
<td class="FormRowValue"><p class="oreonbutton">{$form.hg_hosts.html} </p></td>
</tr>

<tr class="list_lvl_1">
<td class="ListColLvl1_name" colspan="2">
<h4>{$form.header.extended}</h4>
</td>
</tr>
<tr class="list_one">
<td class="FormRowField"><img class="helpTooltip" name="notes"> {$form.hg_notes.label}</td>
<td class="FormRowValue"><p class="oreonbutton">{$form.hg_notes.html}</p></td>
</tr>
<tr class="list_two">
<td class="FormRowField"><img class="helpTooltip" name="notes_url"> {$form.hg_notes_url.label}</td>
<td class="FormRowValue"><p class="oreonbutton">{$form.hg_notes_url.html}</p></td>
</tr>
<tr class="list_one">
<td class="FormRowField"><img class="helpTooltip" name="action_url"> {$form.hg_action_url.label}</td>
<td class="FormRowValue"><p class="oreonbutton">{$form.hg_action_url.html}</p></td>
</tr>
<tr class="list_two">
<td class="FormRowField"><img class="helpTooltip" name="icon_image"> {$form.hg_icon_image.label}</td>
<td class="FormRowValue"><p class="oreonbutton">{$form.hg_icon_image.html}&nbsp;&nbsp;<img
id='hg_icon_image_img' src='./img/blank.gif'></p></td>
</tr>
<tr class="list_one">
<td class="FormRowField"><img class="helpTooltip" name="statusmap_image">
{$form.hg_map_icon_image.label}
</td>
<td class="FormRowValue"><p class="oreonbutton">{$form.hg_map_icon_image.html}&nbsp;&nbsp;<img
id='hg_map_icon_image' src='./img/blank.gif'></p></td>
</tr>
<tr class="list_two">
<td class="FormRowField"><img class="helpTooltip" name="geo_coords"> {$form.geo_coords.label}</td>
<td class="FormRowValue">{$form.geo_coords.html}</td>
</tr>

<tr class="list_lvl_1">
<td class="ListColLvl1_name" colspan="2">
<h4>{$form.header.furtherInfos}</h4>
</td>
</tr>
<tr class="list_one">
<td class="FormRowField"><img class="helpTooltip" name="hg_rrd_retention">
{$form.hg_rrd_retention.label}
</td>
<td class="FormRowValue">{$form.hg_rrd_retention.html} {$days}</td>
</tr>
<tr class="list_two">
<td class="FormRowField"><img class="helpTooltip" name="hg_comment"> {$form.hg_comment.label}</td>
<td class="FormRowValue">{$form.hg_comment.html}</td>
</tr>
<tr class="list_one">
<td class="FormRowField"><img class="helpTooltip" name="hg_activate"> {$form.hg_activate.label}</td>
<td class="FormRowValue">{$form.hg_activate.html}</td>
</tr>
{if $o == "a" || $o == "c"}
<tr class="list_lvl_2">
<td class="ListColLvl2_name" colspan="2">{$form.required._note}</td>
</tr>
{/if}
</table>
</div>
{if !$form.msgacl }
<div id="validForm">
{if $o == "a" || $o == "c"}
<p class="oreonbutton">{$form.submitC.html}{$form.submitA.html}&nbsp;&nbsp;&nbsp;{$form.reset.html}</p>
{else if $o == "w"}
<p class="oreonbutton">{$form.change.html}</p>
{/if}
</div>
{/if}
{$form.hidden}
</form>
{$helptext}
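Review bot: The `{if !$form.msgacl }` wrappers around `validFormTop` and `validForm` only keep the submit buttons out of the rendered page, so the restriction is presentational: the handler that saves an `o == "c"` submission is not part of this commit's visible hunks and needs to repeat the ACL comparison before writing. The same applies to the `msgacl` blocks in formDowntime.html and to the jQuery `prop("disabled", true)` block added at the end of this commit. A template comment next to the first wrapper would record that, for example `{* display only; the save path must re-check ACL before updating *}`. Separately, the red message `<div>` repeats the inline style used for `msg_err` in formDowntime.html; a shared CSS class would keep the two in step.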
23 changes: 19 additions & 4 deletions www/include/configuration/configObject/hostgroup/formHostGroup.php
@@ -37,7 +37,7 @@
exit();
}

if (!$oreon->user->admin) {
if (!$centreon->user->admin) {
if ($hg_id && false === strpos($hgString, "'" . $hg_id . "'")) {
$msg = new CentreonMsg();
$msg->setImage("./img/icons/warning.png");
@@ -212,12 +212,27 @@ function myReplace()
$form->setDefaults($hg);
$form->freeze();
} elseif ($o == "c") {
/*
* Modify a HostGroup information
*/
//Modify a HostGroup information
$subC = $form->addElement('submit', 'submitC', _("Save"), array("class" => "btc bt_success"));
$res = $form->addElement('reset', 'reset', _("Reset"), array("class" => "btc bt_default"));
$form->setDefaults($hg);

//check host resources
$hostArray = array();
$host = $acl->getHostAclConf(null, 'broker');
$accessHost = array_keys($host);
$rq = "SELECT DISTINCT h.host_id FROM hostgroup_relation hgr, host h " .
" WHERE hostgroup_hg_id = '" . $hg_id . "' AND h.host_id = hgr.host_host_id AND h.host_register = '1' ";
$db = $pearDB->query($rq);
while ($row = $db->fetch()) {
$hostArray[] = $row['host_id'];
}
$result = array_diff($hostArray, $accessHost);
if (!empty($result) && (!$centreon->user->admin)) {
$form->addElement('text', 'msgacl', _("error"), 'error');
$form->freeze();
}

} elseif ($o == "a") {
/*
* Add a HostGroup information
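Review bot: The host lookup added to the `$o == "c"` branch builds its SQL by concatenating `$hg_id` into the string (`" WHERE hostgroup_hg_id = '" . $hg_id . "' ..."`), so its safety rests entirely on the `(int)` cast this commit adds in a different file. Binding the value keeps the query safe even if this form is ever reached with an uncast id: prepare the same statement with `hgr.hostgroup_hg_id = :hg_id`, then `$stmt->bindValue(':hg_id', (int) $hg_id, \PDO::PARAM_INT); $stmt->execute();` — this assumes `$pearDB` is PDO-based, which the `fetch()` call suggests. The query and `getHostAclConf()` also run for administrators before `!$centreon->user->admin` is tested; testing the admin flag first would skip that work. `$acl` is not defined inside the hunk, so presumably it is created earlier in the file, and the `if`/`elseif` chain on `$o` continues outside the hunk.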
@@ -39,7 +39,7 @@

isset($_GET["hg_id"]) ? $hG = $_GET["hg_id"] : $hG = null;
isset($_POST["hg_id"]) ? $hP = $_POST["hg_id"] : $hP = null;
$hG ? $hg_id = $hG : $hg_id = $hP;
$hG ? $hg_id = (int)$hG : $hg_id = (int)$hP;

isset($_GET["select"]) ? $cG = $_GET["select"] : $cG = null;
isset($_POST["select"]) ? $cP = $_POST["select"] : $cP = null;
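Review bot: The `(int)` cast on `hg_id` coerces malformed input instead of rejecting it: a value such as `12abc` becomes 12 and a non-empty array parameter becomes 1, so a bad request is silently mapped onto some host group id. Validating instead, for example `$hg_id = filter_var($hG ?: $hP, FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)));`, yields `false` for anything that is not a positive integer, which the existing `if ($hg_id && ...)` style checks already treat as "no id". A short comment such as `// hg_id is interpolated into SQL further down; keep it an integer` would also document why the cast matters.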
51 changes: 36 additions & 15 deletions www/include/monitoring/recurrentDowntime/formDowntime.html
@@ -235,21 +235,31 @@
}
</script>
{/literal}

<div id="msg_err" style="color: red; text-align: center; font-weight: bold; margin: 4px; {if !$msg_err }display: none;{/if}">{$msg_err}</div>

{if $form.msgacl }
<div style="color: red; text-align: center; font-weight: bold; margin: 4px" >
{t}You can't edit this downtime because you don't have access to all of its resources{/t}
</div>
{/if}

<form {$form.attributes}>
<div class="headerTabContainer">
<ul id="mainnav">
<li class="a" id='c1'><a href="#" onclick="javascript:montre('1');">{$sort1}</a></li>
<li class="b" id='c2'><a href="#" onclick="javascript:montre('2');">{$sort2}</a></li>
</ul>
<div id="validFormTop">
{if $o == "a" || $o == "c" || $o == "mc"}
<p class="oreonbutton">{$form.submitC.html}{$form.submitMC.html}{$form.submitA.html}&nbsp;&nbsp;&nbsp;{$form.reset.html}</p>
{else if $o == "w"}
<p class="oreonbutton">{$form.change.html}</p>
{if !$form.msgacl }
<div id="validFormTop">
{if $o == "a" || $o == "c" || $o == "mc"}
<p class="oreonbutton">{$form.submitC.html}{$form.submitMC.html}{$form.submitA.html}&nbsp;&nbsp;&nbsp;{$form.reset.html}</p>
{else if $o == "w"}
<p class="oreonbutton">{$form.change.html}</p>
{/if}
</div>
{/if}
</div>
</div>
<div id="tab1" class="tab">
<table class="formTable table">
<tr class="ListHeader">
@@ -276,13 +286,22 @@ <h4>{$form.header.periods}</h4>
<table>
{if $period_err }<tr><td colspan="2" style="color: red;">{$period_err}</td></tr>{/if}
<tr>
<td class="FormRowValue">{if $o != "w"}<div style="cursor: pointer; color : #009fdf;"><img src="./img/icons/circle-plus.png" class="ico-14" style="vertical-align: middle;" onclick="addPeriods()" /> <a href="#" onclick="javascript:addPeriods()" style="color: #4ccaff; text-decoration: none;">{$add}</a></div>{/if}</td>
{if !$form.msgacl }
<td class="FormRowValue">
{if $o != "w"}
<div style="cursor: pointer; color : #009fdf;">
<img src="./img/icons/circle-plus.png" class="ico-14" style="vertical-align: middle;" onclick="addPeriods()" />
<a href="#" onclick="javascript:addPeriods()" style="color: #4ccaff; text-decoration: none;">{$add}</a>
</div>
{/if}
</td>
{/if}
</tr>
<tr>
<td>
<div id="tabs_periods">
<ul id="ul_tabs">
{if $o == "w"}
{if $o == "w" || $form.msgacl }
{foreach item=period from=$periods_tab}
{assign var='nbperiod' value='1'}
{if $period.month_cycle == 'none'}
@@ -360,13 +379,15 @@ <h4>{$form.header.linkManagement}</h4>
{/if}
</table>
</div>
<div id="validForm">
{if $o == "a" || $o == "c" || $o == "mc"}
<p class="oreonbutton">{$form.submitC.html}{$form.submitMC.html}{$form.submitA.html}&nbsp;&nbsp;&nbsp;{$form.reset.html}</p>
{else if $o == "w"}
<p class="oreonbutton">{$form.change.html}</p>
{if !$form.msgacl }
<div id="validForm">
{if $o == "a" || $o == "c" || $o == "mc"}
<p class="oreonbutton">{$form.submitC.html}{$form.submitMC.html}{$form.submitA.html}&nbsp;&nbsp;&nbsp;{$form.reset.html}</p>
{else if $o == "w"}
<p class="oreonbutton">{$form.change.html}</p>
{/if}
</div>
{/if}
</div>
{$form.hidden}
</form>
{$helptext}
{$helptext}
35 changes: 35 additions & 0 deletions www/include/monitoring/recurrentDowntime/formDowntime.php
@@ -156,6 +156,7 @@ function testDowntimeNameExistence($downtimeName = null)
$attrHosts,
array('defaultDatasetRoute' => $routeAttrHosts)
);

$form->addElement('select2', 'host_relation', _("Linked with Hosts"), array(), $attrHost1);

/*
@@ -212,6 +213,7 @@ function testDowntimeNameExistence($downtimeName = null)
);
}


/*
* Smarty template Init
*/
@@ -234,6 +236,39 @@ function testDowntimeNameExistence($downtimeName = null)
/*
* Modify a service information
*/
require_once _CENTREON_PATH_ . "/www/class/centreonACL.class.php";

$userId = $centreon->user->user_id;
$isAdmin = $centreon->user->admin;
$acl = new CentreonACL($userId, $isAdmin);

//check host resources
$host = $acl->getHostAclConf(null, 'broker');
$accessHost = array_keys($host);
$result = array_diff($default_dt['host_relation'], $accessHost);
if (!empty($result)) {
$form->addElement('text', 'msgacl', _("error"), 'error');
$form->freeze();
} else {
//check hostgroup resources
$hgs = $acl->getHostGroupAclConf(null, 'broker');
$accessHg = array_keys($hgs);
$result = array_diff($default_dt['hostgroup_relation'], $accessHg);
if (!empty($result)) {
$form->addElement('text', 'msgacl', _("error"), 'error');
$form->freeze();
} else {
//check servicegroup resources
$sgs = $acl->getServiceGroupAclConf(null, 'broker');
$accessSg = array_keys($sgs);
$result = array_diff($default_dt['svcgroup_relation'], $accessSg);
if (!empty($result)) {
$form->addElement('text', 'msgacl', _("error"), 'error');
$form->freeze();
}
}
}

$subC = $form->addElement(
'button',
'submitC',
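Review bot: The three `array_diff()` calls read `$default_dt['host_relation']`, `$default_dt['hostgroup_relation']` and `$default_dt['svcgroup_relation']` without checking that each key is set and holds an array; `$default_dt` is filled outside this hunk, so a downtime with no relation of one kind may pass null to the call. The nested `if`/`else` also repeats the same `addElement`/`freeze()` pair three times, and any service linked to the downtime directly, if the form supports that, is not compared against the ACL at all. A single loop over the relation keys, as sketched below, covers the missing-key case and makes it easy to add further relation types; note that it fetches all three ACL lists up front rather than lazily. The enclosing branch starts and ends outside the hunk.

```php
// … unchanged: require_once and CentreonACL construction …
$aclChecks = array(
    'host_relation' => array_keys($acl->getHostAclConf(null, 'broker')),
    'hostgroup_relation' => array_keys($acl->getHostGroupAclConf(null, 'broker')),
    'svcgroup_relation' => array_keys($acl->getServiceGroupAclConf(null, 'broker')),
);
foreach ($aclChecks as $relation => $allowedIds) {
    $linkedIds = isset($default_dt[$relation]) ? (array) $default_dt[$relation] : array();
    if (array_diff($linkedIds, $allowedIds)) {
        // one inaccessible resource is enough to make the form read-only
        $form->addElement('text', 'msgacl', _("error"), 'error');
        $form->freeze();
        break;
    }
}
// … unchanged: submitC button creation …
```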
@@ -65,5 +65,13 @@

jQuery(".timepicker").timepicker();
});


$(document).ready(function () {
var validButton = $('#validForm');
if (!validButton.length) {
$("#tabs_periods :input").prop("disabled", true);
}
});
</script>
{/literal}
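Review bot: The added ready handler infers the ACL state from the absence of `#validForm` and calls `$` while the line just above it uses `jQuery(...)`; if the page runs jQuery in no-conflict mode the `$` alias may not be jQuery at all. Using the same name as the surrounding code avoids that: `jQuery(function () { if (!jQuery('#validForm').length) { jQuery('#tabs_periods :input').prop('disabled', true); } });`. A comment such as `// #validForm is omitted by the template when the ACL check fails` would explain the otherwise surprising condition. Disabling the inputs here is a display aid only, so the period data still has to be checked against the ACL where it is saved.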
