function validate_operation($operation) { global $USER_DETAILS; switch ($operation['operationtype']) { case OPERATION_TYPE_MESSAGE: switch ($operation['object']) { case OPERATION_OBJECT_USER: if (!get_user_by_userid($operation['objectid'])) { error(S_INCORRECT_USER); return false; } break; case OPERATION_OBJECT_GROUP: if (!get_group_by_usrgrpid($operation['objectid'])) { error(S_INCORRECT_GROUP); return false; } break; default: error(S_INCORRECT_OBJECT_TYPE); return false; } break; case OPERATION_TYPE_COMMAND: return validate_commands($operation['longdata']); case OPERATION_TYPE_HOST_ADD: case OPERATION_TYPE_HOST_REMOVE: break; case OPERATION_TYPE_GROUP_ADD: case OPERATION_TYPE_GROUP_REMOVE: if (!uint_in_array($operation['objectid'], get_accessible_groups_by_user($USER_DETAILS, PERM_READ_WRITE, PERM_RES_IDS_ARRAY))) { error(S_INCORRECT_GROUP); return false; } break; case OPERATION_TYPE_TEMPLATE_ADD: case OPERATION_TYPE_TEMPLATE_REMOVE: if (!uint_in_array($operation['objectid'], get_accessible_hosts_by_user($USER_DETAILS, PERM_READ_WRITE, PERM_RES_IDS_ARRAY))) { error(S_INCORRECT_HOST); return false; } break; default: error(S_INCORRECT_OPERATION_TYPE); return false; } return true; }
function validate_operation($operation) { if (isset($operation['esc_period']) && ($operation['esc_period'] > 0 && $operation['esc_period'] < 60)) { error(S_INCORRECT_ESCALATION_PERIOD); return false; } switch ($operation['operationtype']) { case OPERATION_TYPE_MESSAGE: switch ($operation['object']) { case OPERATION_OBJECT_USER: $users = CUser::get(array('userids' => $operation['objectid'], 'output' => API_OUTPUT_EXTEND)); if (empty($users)) { error(S_INCORRECT_USER); return false; } break; case OPERATION_OBJECT_GROUP: $usrgrps = CUserGroup::get(array('usrgrpids' => $operation['objectid'], 'output' => API_OUTPUT_EXTEND)); if (empty($usrgrps)) { error(S_INCORRECT_GROUP); return false; } break; default: error(S_INCORRECT_OBJECT_TYPE); return false; } break; case OPERATION_TYPE_COMMAND: return validate_commands($operation['longdata']); case OPERATION_TYPE_HOST_ADD: case OPERATION_TYPE_HOST_REMOVE: case OPERATION_TYPE_HOST_ENABLE: case OPERATION_TYPE_HOST_DISABLE: break; case OPERATION_TYPE_GROUP_ADD: case OPERATION_TYPE_GROUP_REMOVE: $groups = CHostGroup::get(array('groupids' => $operation['objectid'], 'output' => API_OUTPUT_SHORTEN, 'editable' => 1)); if (empty($groups)) { error(S_INCORRECT_GROUP); return false; } break; case OPERATION_TYPE_TEMPLATE_ADD: case OPERATION_TYPE_TEMPLATE_REMOVE: $tpls = CTemplate::get(array('templateids' => $operation['objectid'], 'output' => API_OUTPUT_SHORTEN, 'editable' => 1)); if (empty($tpls)) { error(S_INCORRECT_HOST); return false; } break; default: error(S_INCORRECT_OPERATION_TYPE); return false; } return true; }