From ac02d82e08063bd9d601868bee570031840c29f4 Mon Sep 17 00:00:00 2001 From: Adrien Morais Date: Tue, 10 Mar 2020 17:15:54 +0100 Subject: [PATCH 1/5] fix(centreonACL): return all services linked to a servicegroup --- www/class/centreonACL.class.php | 19 ++++--------------- 1 file changed, 4 insertions(+), 15 deletions(-) diff --git a/www/class/centreonACL.class.php b/www/class/centreonACL.class.php index 0a73c747997..3e27d238a93 100644 --- a/www/class/centreonACL.class.php +++ b/www/class/centreonACL.class.php @@ -2061,21 +2061,10 @@ public function getServiceServiceGroupAclConf($sg_id, $broker = null, $options = $query = $request['select'] . $request['simpleFields'] . " " . "FROM ( " . "SELECT " . $request['fields'] . " " - . "FROM servicegroup, servicegroup_relation, service, host " . $from_acl . " " - . "WHERE servicegroup.sg_id = '" . CentreonDB::escape($sg_id) . "' " - . "AND service.service_activate='1' AND host.host_activate='1' " - . "AND servicegroup.sg_id = servicegroup_relation.servicegroup_sg_id " - . "AND servicegroup_relation.service_service_id = service.service_id " - . "AND servicegroup_relation.host_host_id = host.host_id " - . $where_acl . " " - . "UNION " - . "SELECT " . $request['fields'] . " " - . "FROM servicegroup, servicegroup_relation, hostgroup_relation, service, host " . $from_acl . " " - . "WHERE servicegroup.sg_id = '" . CentreonDB::escape($sg_id) . "' " - . "AND servicegroup.sg_id = servicegroup_relation.servicegroup_sg_id " - . "AND servicegroup_relation.hostgroup_hg_id = hostgroup_relation.hostgroup_hg_id " - . "AND hostgroup_relation.host_host_id = host.host_id " - . "AND servicegroup_relation.service_service_id = service.service_id " + . "FROM " .$db_name_acl . ".services_servicegroups, service, host" . $from_acl . " " + . "WHERE servicegroup_id = " . CentreonDB::escape($sg_id) . " " + . "AND host.host_id = services_servicegroups.host_id " + . "AND service.service_id = services_servicegroups.service_id" . $where_acl . " " . ") as t "; From 6e8d8fccd9de03e7e02480485c97f807d71c659d Mon Sep 17 00:00:00 2001 From: Adrien Morais Date: Tue, 10 Mar 2020 17:24:53 +0100 Subject: [PATCH 2/5] enh(centreonACL): add some code documentation --- www/class/centreonACL.class.php | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/www/class/centreonACL.class.php b/www/class/centreonACL.class.php index 3e27d238a93..21b613d3201 100644 --- a/www/class/centreonACL.class.php +++ b/www/class/centreonACL.class.php @@ -2022,7 +2022,13 @@ public function getServiceGroupAclConf($search = null, $broker = null, $options } /** - * Get Services in servicesgroups from ACL and configuration DB + * Get all services linked to a servicegroup regarding ACL + * + * @param int $sg_id servicegroup id + * @param mixed $broker + * @param mixed $options + * @access public + * @return array */ public function getServiceServiceGroupAclConf($sg_id, $broker = null, $options = null) { @@ -2058,6 +2064,14 @@ public function getServiceServiceGroupAclConf($sg_id, $broker = null, $options = . "AND $db_name_acl.centreon_acl.host_id = host.host_id " . "AND $db_name_acl.centreon_acl.service_id = service.service_id "; } + /* + * Using the centreon_storage database to get the information + * where the services_servicegroups table provides "resolved" dependencies + * for possible components of the servicegroup which can be: + * - simple services + * - service templates + * - hostgroup services + */ $query = $request['select'] . $request['simpleFields'] . " " . "FROM ( " . "SELECT " . $request['fields'] . " " From fac1d52c221fb8a67a68c96101b1a73ca76bdd7d Mon Sep 17 00:00:00 2001 From: Adrien Morais Date: Wed, 11 Mar 2020 15:20:07 +0100 Subject: [PATCH 3/5] fix(centreonACL): take review feedbacks into account * Sanitize the servicegroup id * add missing code line to get only activated ressources --- www/class/centreonACL.class.php | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/www/class/centreonACL.class.php b/www/class/centreonACL.class.php index 21b613d3201..7a501a48bd5 100644 --- a/www/class/centreonACL.class.php +++ b/www/class/centreonACL.class.php @@ -2024,13 +2024,13 @@ public function getServiceGroupAclConf($search = null, $broker = null, $options /** * Get all services linked to a servicegroup regarding ACL * - * @param int $sg_id servicegroup id + * @param int $sgId servicegroup id * @param mixed $broker * @param mixed $options * @access public * @return array */ - public function getServiceServiceGroupAclConf($sg_id, $broker = null, $options = null) + public function getServiceServiceGroupAclConf($sgId, $broker = null, $options = null) { $services = array(); @@ -2064,6 +2064,13 @@ public function getServiceServiceGroupAclConf($sg_id, $broker = null, $options = . "AND $db_name_acl.centreon_acl.host_id = host.host_id " . "AND $db_name_acl.centreon_acl.service_id = service.service_id "; } + + // Making sure that the id provided is a real int + $option = array ( + 'default' => 0 + ); + $sgId = filter_var($sgId, FILTER_VALIDATE_INT, $option); + /* * Using the centreon_storage database to get the information * where the services_servicegroups table provides "resolved" dependencies @@ -2075,10 +2082,11 @@ public function getServiceServiceGroupAclConf($sg_id, $broker = null, $options = $query = $request['select'] . $request['simpleFields'] . " " . "FROM ( " . "SELECT " . $request['fields'] . " " - . "FROM " .$db_name_acl . ".services_servicegroups, service, host" . $from_acl . " " - . "WHERE servicegroup_id = " . CentreonDB::escape($sg_id) . " " + . "FROM " . $db_name_acl . ".services_servicegroups, service, host" . $from_acl . " " + . "WHERE servicegroup_id = " . CentreonDB::escape((int)$sgId) . " " . "AND host.host_id = services_servicegroups.host_id " - . "AND service.service_id = services_servicegroups.service_id" + . "AND service.service_id = services_servicegroups.service_id " + . "AND service.service_activate = '1' AND host.host_activate = '1'" . $where_acl . " " . ") as t "; From 4c12593c720c19334d93143e648f0aea678d9479 Mon Sep 17 00:00:00 2001 From: Adrien Morais Date: Wed, 11 Mar 2020 15:28:08 +0100 Subject: [PATCH 4/5] fix(centreonACL): variable enough checked. --- www/class/centreonACL.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/www/class/centreonACL.class.php b/www/class/centreonACL.class.php index 7a501a48bd5..44898430b39 100644 --- a/www/class/centreonACL.class.php +++ b/www/class/centreonACL.class.php @@ -2083,7 +2083,7 @@ public function getServiceServiceGroupAclConf($sgId, $broker = null, $options = . "FROM ( " . "SELECT " . $request['fields'] . " " . "FROM " . $db_name_acl . ".services_servicegroups, service, host" . $from_acl . " " - . "WHERE servicegroup_id = " . CentreonDB::escape((int)$sgId) . " " + . "WHERE servicegroup_id = " . $sgId . " " . "AND host.host_id = services_servicegroups.host_id " . "AND service.service_id = services_servicegroups.service_id " . "AND service.service_activate = '1' AND host.host_activate = '1'" From 066211c6e6de2ab5042b728bf17c84d6b47e3757 Mon Sep 17 00:00:00 2001 From: Adrien Morais <31647811+adr-mo@users.noreply.github.com> Date: Wed, 11 Mar 2020 17:24:40 +0100 Subject: [PATCH 5/5] take kduret feedback into account Co-Authored-By: Kevin Duret --- www/class/centreonACL.class.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/www/class/centreonACL.class.php b/www/class/centreonACL.class.php index 44898430b39..d739294f842 100644 --- a/www/class/centreonACL.class.php +++ b/www/class/centreonACL.class.php @@ -2066,9 +2066,7 @@ public function getServiceServiceGroupAclConf($sgId, $broker = null, $options = } // Making sure that the id provided is a real int - $option = array ( - 'default' => 0 - ); + $option = ['default' => 0]; $sgId = filter_var($sgId, FILTER_VALIDATE_INT, $option); /*