diff --git a/doc/en/api/clapi/objects/acl_menu.rst b/doc/en/api/clapi/objects/acl_menu.rst index 26631e07f71..949fb5bb5d7 100644 --- a/doc/en/api/clapi/objects/acl_menu.rst +++ b/doc/en/api/clapi/objects/acl_menu.rst @@ -125,19 +125,19 @@ If you want to grant in Read/Write, Read Only or revoke menus in an ACL Menu rul Let's assume that you would like to grant full access to the [Monitoring] menu in your ACL Menu rule::: - [root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a grantrw -v "ACL Menu test;Monitoring" + [root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a grantrw -v "ACL Menu test;1;Monitoring" Then, you would like to grant access to the [Home] > [Poller statistics] menu::: - [root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a grantrw -v "ACL Menu test;Home;Poller statistics" + [root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a grantrw -v "ACL Menu test;1;Home;Poller statistics" Then, you would like to grant access in read only to the [Configuration] > [Hosts] menu::: - [root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a grantro -v "ACL Menu test;Configuration;Hosts" + [root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a grantro -v "ACL Menu test;1;Configuration;Hosts" Then, you decide to revoke access from [Monitoring] > [Event Logs]::: - [root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a revoke -v "ACL Menu test;Monitoring;Event Logs" + [root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a revoke -v "ACL Menu test;1;Monitoring;Event Logs" Arguments are composed of the following columns: @@ -145,9 +145,11 @@ Arguments are composed of the following columns: ======= ============================ Order Column description ======= ============================ -1 Name of ACL menu rule +1 Name of ACL menu rule + +2 Grant/revoke children menus -2 Menu name to grant/revoke +3 Menu name to grant/revoke -n Possible sub menu name +n Possible sub menu name ======= ============================ diff --git a/doc/fr/api/clapi/objects/acl_menu.rst b/doc/fr/api/clapi/objects/acl_menu.rst index 003855f2b46..951217b93b7 100644 --- a/doc/fr/api/clapi/objects/acl_menu.rst +++ b/doc/fr/api/clapi/objects/acl_menu.rst @@ -124,19 +124,19 @@ If you want to grant in Read/Write, Read Only or revoke menus in an ACL Menu rul Let's assume that you would like to grant full access to the [Monitoring] menu in your ACL Menu rule::: - [root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a grantrw -v "ACL Menu test;Monitoring" + [root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a grantrw -v "ACL Menu test;1;Monitoring" Then, you would like to grant access to the [Home] > [Poller statistics] menu::: - [root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a grantrw -v "ACL Menu test;Home;Poller statistics" + [root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a grantrw -v "ACL Menu test;1;Home;Poller statistics" Then, you would like to grant access in read only to the [Configuration] > [Hosts] menu::: - [root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a grantro -v "ACL Menu test;Configuration;Hosts" + [root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a grantro -v "ACL Menu test;1;Configuration;Hosts" Then, you decide to revoke access from [Monitoring] > [Event Logs]::: - [root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a revoke -v "ACL Menu test;Monitoring;Event Logs" + [root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a revoke -v "ACL Menu test;1;Monitoring;Event Logs" Arguments are composed of the following columns: @@ -144,9 +144,11 @@ Arguments are composed of the following columns: ======= ============================ Order Column description ======= ============================ -1 Name of ACL menu rule +1 Name of ACL menu rule + +2 Grant/revoke children menus -2 Menu name to grant/revoke +3 Menu name to grant/revoke -n Possible sub menu name +n Possible sub menu name ======= ============================ diff --git a/www/class/centreon-clapi/centreonACLMenu.class.php b/www/class/centreon-clapi/centreonACLMenu.class.php index 101379a41e5..24e9062ffb2 100644 --- a/www/class/centreon-clapi/centreonACLMenu.class.php +++ b/www/class/centreon-clapi/centreonACLMenu.class.php @@ -55,7 +55,6 @@ class CentreonACLMenu extends CentreonObject const LEVEL_2 = 1; const LEVEL_3 = 2; const LEVEL_4 = 3; - const PARENT_MENU_NOT_DEFINED = "Parent menu must be defined"; protected $relObject; protected $aclGroupObj; protected $topologyObj; @@ -163,25 +162,26 @@ public function show($parameters = null) protected function splitParams($parameters) { $params = explode($this->delim, $parameters); - if (count($params) < 2) { + if (count($params) < 3) { throw new CentreonClapiException(self::MISSINGPARAMETER); } $aclMenuId = $this->object->getIdByParameter($this->object->getUniqueLabelField(), array($params[0])); if (!count($aclMenuId)) { throw new CentreonClapiException(self::OBJECT_NOT_FOUND.":".$params[0]); } + $processChildren = ($params[1] == '0') ? false : true; $levels = array(); $menus = array(); - $toopologies = array(); - $levels[self::LEVEL_1] = $params[1]; + $topologies = array(); + $levels[self::LEVEL_1] = $params[2]; if (isset($params[2])) { - $levels[self::LEVEL_2] = $params[2]; + $levels[self::LEVEL_2] = $params[3]; } if (isset($params[3])) { - $levels[self::LEVEL_3] = $params[3]; + $levels[self::LEVEL_3] = $params[4]; } if (isset($params[4])) { - $levels[self::LEVEL_4] = $params[4]; + $levels[self::LEVEL_4] = $params[5]; } foreach ($levels as $level => $menu) { if ($menu) { @@ -235,7 +235,7 @@ protected function splitParams($parameters) break; } } - return array($aclMenuId[0], $menus, $topologies); + return array($aclMenuId[0], $menus, $topologies, $processChildren); } /** @@ -273,8 +273,11 @@ public function getaclgroup($aclMenuName) * @param int $parentTopologyId * @return void */ - protected function processChildrenOf($action = "grant", $aclMenuId = null, $parentTopologyId = null) - { + protected function processChildrenOf( + $action = "grant", + $aclMenuId = null, + $parentTopologyId = null + ) { $sql = "SELECT topology_id, topology_page FROM topology WHERE topology_parent = ?"; $res = $this->db->query($sql, array($parentTopologyId)); $rows = $res->fetchAll(); @@ -318,7 +321,7 @@ public function grant($parameters) */ public function grantRw($parameters) { - list($aclMenuId, $menus, $topologies) = $this->splitParams($parameters); + list($aclMenuId, $menus, $topologies, $processChildren) = $this->splitParams($parameters); foreach ($menus as $level => $menuId) { $this->db->query( "DELETE FROM acl_topology_relations WHERE acl_topo_id = ? AND topology_topology_id = ?", @@ -328,7 +331,7 @@ public function grantRw($parameters) "INSERT INTO acl_topology_relations (acl_topo_id, topology_topology_id) VALUES (?, ?)", array($aclMenuId, $menuId) ); - if (!isset($menus[$level + 1]) && $level != self::LEVEL_4) { + if ($processChildren && !isset($menus[$level + 1]) && $level != self::LEVEL_4) { $this->processChildrenOf("grant", $aclMenuId, $topologies[$level]); } } @@ -343,7 +346,7 @@ public function grantRw($parameters) */ public function grantRo($parameters) { - list($aclMenuId, $menus, $topologies) = $this->splitParams($parameters); + list($aclMenuId, $menus, $topologies, $processChildren) = $this->splitParams($parameters); foreach ($menus as $level => $menuId) { $this->db->query( "DELETE FROM acl_topology_relations WHERE acl_topo_id = ? AND topology_topology_id = ?", @@ -353,7 +356,7 @@ public function grantRo($parameters) "INSERT INTO acl_topology_relations (acl_topo_id, topology_topology_id, access_right) VALUES (?, ?, 2)", array($aclMenuId, $menuId) ); - if (!isset($menus[$level + 1]) && $level != self::LEVEL_4) { + if ($processChildren && !isset($menus[$level + 1]) && $level != self::LEVEL_4) { $this->processChildrenOf("grantro", $aclMenuId, $topologies[$level]); } } @@ -368,9 +371,9 @@ public function grantRo($parameters) */ public function revoke($parameters) { - list($aclMenuId, $menus, $topologies) = $this->splitParams($parameters); + list($aclMenuId, $menus, $topologies, $processChildren) = $this->splitParams($parameters); foreach ($menus as $level => $menuId) { - if (!isset($menus[$level + 1])) { + if ($processChildren && !isset($menus[$level + 1])) { $this->db->query( "DELETE FROM acl_topology_relations WHERE acl_topo_id = ? AND topology_topology_id = ?", array($aclMenuId, $menuId) @@ -420,8 +423,10 @@ private function grantMenu($aclTopoId, $aclTopoName) $grantedMenu = ''; - $grantedMenuTpl = $this->action . $this->delim . '%s' . $this->delim . + $grantedMenuTpl = $this->action . $this->delim . + '%s' . $this->delim . $aclTopoName . $this->delim . + '%s' . $this->delim . '%s' . $this->delim . "\n"; $grantedPossibilities = array( @@ -432,7 +437,7 @@ private function grantMenu($aclTopoId, $aclTopoName) $queryAclMenuRelations = 'SELECT t.topology_page, t.topology_id, t.topology_name, atr.access_right ' . 'FROM acl_topology_relations atr, topology t ' . 'WHERE atr.topology_topology_id = t.topology_id ' . - "AND atr.access_right <> '0'" . + "AND atr.access_right <> '0' " . 'AND atr.acl_topo_id = ?'; $grantedTopologyList = $this->db->fetchAll($queryAclMenuRelations, array($aclTopoId)); @@ -446,6 +451,7 @@ private function grantMenu($aclTopoId, $aclTopoName) $grantedMenu .= sprintf( $grantedMenuTpl, $grantedPossibilities[$grantedTopology['access_right']], + '0', $grantedTopologyBreadCrumb ); }