/**
 * Decide whether the given user may be placed into the given user group.
 *
 * When the target group has GUI access disabled or its users disabled, the
 * move is refused only if $userid is the currently logged-in user (the id
 * held in $USER_DETAILS). For any other group, or any other user, the move
 * is allowed. This looks like a guard against locking yourself out of the
 * frontend; confirm against the callers.
 *
 * Ids are compared with bccomp(), so they are treated as arbitrary-size
 * numeric strings rather than native integers.
 *
 * NOTE(review): the return value of get_group_by_usrgrpid() is indexed
 * without checking that a group was actually found.
 *
 * @param mixed $userid   id of the user being moved
 * @param mixed $usrgrpid id of the destination user group
 *
 * @return bool true when the move is permitted
 */
function granted2move_user($userid, $usrgrpid)
{
    global $USER_DETAILS;

    $target_group = get_group_by_usrgrpid($usrgrpid);

    $group_is_restricted = $target_group['gui_access'] == GROUP_GUI_ACCESS_DISABLED
        || $target_group['users_status'] == GROUP_STATUS_DISABLED;

    if (!$group_is_restricted) {
        return true;
    }

    // Restricted group: only the current user is kept out of it.
    return bccomp($USER_DETAILS['userid'], $userid) != 0;
}
unset($_REQUEST['form']); } } else { if (isset($_REQUEST['set_gui_access']) && isset($_REQUEST['usrgrpid'])) { $group = get_group_by_usrgrpid($_REQUEST['usrgrpid']); $result = change_group_gui_access($_REQUEST['usrgrpid'], $_REQUEST['set_gui_access']); show_messages($result, S_GROUP . ' "' . $group['name'] . '" ' . S_GUI_ACCESS_UPDATED, S_CANNOT_UPDATE_GUI_ACCESS); if ($result) { $audit_action = $_REQUEST['set_gui_access'] == GROUP_GUI_ACCESS_DISABLED ? AUDIT_ACTION_DISABLE : AUDIT_ACTION_UPDATE; add_audit($audit_action, AUDIT_RESOURCE_USER_GROUP, 'GUI access for group name [' . $group['name'] . ']'); unset($_REQUEST['usrgrpid']); } unset($_REQUEST['form']); } else { if (isset($_REQUEST['set_users_status']) && isset($_REQUEST['usrgrpid'])) { $group = get_group_by_usrgrpid($_REQUEST['usrgrpid']); $result = change_group_status($_REQUEST['usrgrpid'], $_REQUEST['set_users_status']); $status_msg1 = $_REQUEST['set_users_status'] == GROUP_STATUS_ENABLED ? S_ENABLED : S_DISABLED; $status_msg2 = $_REQUEST['set_users_status'] == GROUP_STATUS_ENABLED ? S_ENABLE : S_DISABLE; show_messages($result, S_GROUP . SPACE . '"' . $group['name'] . '"' . SPACE . $status_msg1, S_CANNOT . SPACE . $status_msg2 . SPACE . S_GROUP); if ($result) { $audit_action = $_REQUEST['set_users_status'] == GROUP_STATUS_ENABLED ? AUDIT_ACTION_ENABLE : AUDIT_ACTION_DISABLE; add_audit($audit_action, AUDIT_RESOURCE_USER_GROUP, 'Group name [' . $group['name'] . ']'); unset($_REQUEST['usrgrpid']); } unset($_REQUEST['form']); } } } } }
// Form that wraps the scripts list. Both the name and the id are 'scripts';
// the name is reused below in the header checkbox's checkAll() call.
$form = new CForm();
$form->setName('scripts');
$form->setAttribute('id', 'scripts');
$form->addVar('action', '1');

// Header: title, a divider and a "found" counter span. The span is created
// empty here; nothing in this fragment fills it in.
$numrows = new CSpan(null, 'info');
$numrows->setAttribute('name', 'numrows');
$header = get_table_header(array(S_SCRIPTS, new CSpan(SPACE . SPACE . '|' . SPACE . SPACE, 'divider'), S_FOUND . ': ', $numrows));
show_table_header($header);

// Result table; the first header cell is the select-all checkbox.
$table = new CTableInfo(S_NO_SCRIPTS_DEFINED);
$table->setHeader(array(
    new CCheckBox('all_scripts', null, "checkAll('" . $form->getName() . "','all_scripts','scripts');"),
    make_sorting_link(S_NAME, 's.name'),
    make_sorting_link(S_COMMAND, 's.command'),
    S_USER_GROUP,
    S_HOST_GROUP,
    S_HOST_ACCESS
));

// The statement is assembled from literals plus the output of DBin_node()
// and order_by(); no request parameter is concatenated in this fragment.
// NOTE(review): order_by() is defined elsewhere - confirm that any sort
// field it takes from the request is restricted to known column names.
$sql = 'SELECT s.* ' . ' FROM scripts s ' . ' WHERE ' . DBin_node('s.scriptid') . order_by('s.name,s.command');
$scripts = DBselect($sql);
while ($script = DBfetch($scripts)) {
    // A usrgrpid / groupid that is not greater than 0 is shown as "all".
    $user_group_name = S_ALL_S;
    if ($script['usrgrpid'] > 0) {
        $user_group = get_group_by_usrgrpid($script['usrgrpid']);
        $user_group_name = $user_group['name'];
    }
    $host_group_name = S_ALL_S;
    if ($script['groupid'] > 0) {
        $group = get_hostgroup_by_groupid($script['groupid']);
        $host_group_name = $group['name'];
    }
    // Only the command column is passed through htmlspecialchars() here.
    // NOTE(review): the script name and both group names are handed to
    // CLink / addRow() unescaped - confirm those classes escape string
    // items, otherwise a stored name would be rendered as markup.
    $table->addRow(array(
        new CCheckBox('scripts[' . $script['scriptid'] . ']', 'no', NULL, $script['scriptid']),
        new CLink($script['name'], 'scripts.php?form=1' . '&scriptid=' . $script['scriptid'] . '#form'),
        htmlspecialchars($script['command']),
        $user_group_name,
        $host_group_name,
        PERM_READ_WRITE == $script['host_access'] ? S_WRITE : S_READ
    ));
    // NOTE(review): $row_count is not initialised anywhere in this fragment.
    $row_count++;
}

//----- GO ------
// Bulk-action selector; 'delete' is the only action offered here.
$goBox = new CComboBox('go');
$goBox->addItem('delete', S_DELETE_SELECTED);
// goButton name is necessary!!!
$goButton = new CButton('goButton', S_GO . ' (0)');
/**
 * Check that an action operation refers to an object that exists and that
 * the current user is allowed to use.
 *
 * Per operation type:
 *  - message: the target user or user group must exist;
 *  - remote command: the result of validate_commands() on 'longdata' is
 *    returned as-is;
 *  - host add/remove: nothing is checked;
 *  - group add/remove, template add/remove: 'objectid' must be among the
 *    ids the current user ($USER_DETAILS) can access with PERM_READ_WRITE.
 *
 * Every rejection is reported through error() before false is returned.
 *
 * @param array $operation operation record; reads 'operationtype' and,
 *                         depending on the type, 'object', 'objectid' and
 *                         'longdata'
 *
 * @return mixed true/false, or whatever validate_commands() returns for
 *               command operations
 */
function validate_operation($operation)
{
    global $USER_DETAILS;

    // Message to report, or null when nothing was rejected.
    $failure = null;
    $type = $operation['operationtype'];

    if ($type == OPERATION_TYPE_MESSAGE) {
        $target = $operation['object'];

        if ($target == OPERATION_OBJECT_USER) {
            if (!get_user_by_userid($operation['objectid'])) {
                $failure = S_INCORRECT_USER;
            }
        } elseif ($target == OPERATION_OBJECT_GROUP) {
            if (!get_group_by_usrgrpid($operation['objectid'])) {
                $failure = S_INCORRECT_GROUP;
            }
        } else {
            $failure = S_INCORRECT_OBJECT_TYPE;
        }
    } elseif ($type == OPERATION_TYPE_COMMAND) {
        return validate_commands($operation['longdata']);
    } elseif ($type == OPERATION_TYPE_HOST_ADD || $type == OPERATION_TYPE_HOST_REMOVE) {
        // No object to verify for these two types.
    } elseif ($type == OPERATION_TYPE_GROUP_ADD || $type == OPERATION_TYPE_GROUP_REMOVE) {
        $objectid = $operation['objectid'];
        $writable_groups = get_accessible_groups_by_user($USER_DETAILS, PERM_READ_WRITE, PERM_RES_IDS_ARRAY);
        if (!uint_in_array($objectid, $writable_groups)) {
            $failure = S_INCORRECT_GROUP;
        }
    } elseif ($type == OPERATION_TYPE_TEMPLATE_ADD || $type == OPERATION_TYPE_TEMPLATE_REMOVE) {
        $objectid = $operation['objectid'];
        $writable_hosts = get_accessible_hosts_by_user($USER_DETAILS, PERM_READ_WRITE, PERM_RES_IDS_ARRAY);
        if (!uint_in_array($objectid, $writable_hosts)) {
            $failure = S_INCORRECT_HOST;
        }
    } else {
        $failure = S_INCORRECT_OPERATION_TYPE;
    }

    if ($failure !== null) {
        error($failure);
        return false;
    }

    return true;
}
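/**
 * Build the "new operation" editing table for an action form.
 *
 * The state of the operation being edited is taken from the
 * 'new_operation' request parameter and completed with defaults. The
 * widgets shown depend on the selected operation type; every value that
 * is not editable for that type is carried along as a hidden CVar field.
 * When the 'escalation' request parameter is set, the escalation step
 * inputs and the operation-condition list are added as well.
 *
 * Security: 'new_operation' is client-controlled. Its 'objectid' is
 * concatenated into SQL below (host group and template name lookups), so
 * it is reduced to a digits-only value before first use; anything else
 * becomes 0. 'opconditions' is likewise forced to an array of arrays.
 *
 * @param array|null $action action record; when empty and 'actionid' is
 *                           present in the request, it is loaded with
 *                           get_action_by_actionid()
 *
 * @return CTableInfo the assembled table, with Save/Add and Cancel
 *                    buttons in its footer
 */
function get_act_new_oper_form($action = null)
{
    $tblOper = new CTableInfo();

    if (isset($_REQUEST['actionid']) && empty($action)) {
        $action = get_action_by_actionid($_REQUEST['actionid']);
    }

    // Not used below; the call is kept unchanged from the original.
    $operations = get_request("operations", array());

    // On first load of an existing action the event source comes from the
    // stored action; after a form refresh it comes from the request.
    if (isset($_REQUEST['actionid']) && !isset($_REQUEST['form_refresh'])) {
        $eventsource = $action['eventsource'];
    } else {
        $eventsource = get_request('eventsource');
    }

    $allowed_operations = get_operations_by_eventsource($eventsource);

    /* init new_operation variable */
    $new_operation = get_request('new_operation', array());
    if (!is_array($new_operation)) {
        $new_operation = array();
        $new_operation['default_msg'] = 1;
    }

    $defaults = array(
        'operationtype' => OPERATION_TYPE_MESSAGE,
        'object' => OPERATION_OBJECT_GROUP,
        'objectid' => 0,
        'shortdata' => '{TRIGGER.NAME}: {STATUS}',
        'longdata' => '{TRIGGER.NAME}: {STATUS}',
        'esc_step_from' => 1,
        'esc_step_to' => 1,
        'esc_period' => 0,
        'evaltype' => 0,
        'opconditions' => array(),
        'default_msg' => 0,
    );
    foreach ($defaults as $field => $default) {
        if (!isset($new_operation[$field])) {
            $new_operation[$field] = $default;
        }
    }

    // objectid ends up inside SQL text further down. Accept only an
    // unsigned decimal id; the check is done on the string form so that
    // ids larger than a native integer survive unchanged.
    if (!is_scalar($new_operation['objectid'])
        || !preg_match('/^[0-9]+$/D', (string) $new_operation['objectid'])
    ) {
        $new_operation['objectid'] = 0;
    }

    // The condition list is iterated and indexed below; a non-array value
    // from the request is treated as "no conditions".
    if (!is_array($new_operation['opconditions'])) {
        $new_operation['opconditions'] = array();
    }

    $update_mode = false;
    $evaltype = $new_operation['evaltype'];

    // An 'id' marks an existing operation being edited rather than added.
    if (isset($new_operation['id'])) {
        $tblOper->addItem(new CVar('new_operation[id]', $new_operation['id']));
        $update_mode = true;
    }

    $tblNewOperation = new CTable(null, 'nowrap');

    if (isset($_REQUEST['escalation'])) {
        $tblStep = new CTable(null, 'nowrap');

        $step_from = new CNumericBox('new_operation[esc_step_from]', $new_operation['esc_step_from'], 4);
        // Client-side only: a "from" step of 0 is bumped to 1.
        $step_from->addAction('onchange', 'javascript:' . $step_from->GetOption('onchange') . ' if(this.value == 0) this.value=1;');

        $tblStep->addRow(array(S_FROM, $step_from));
        $tblStep->addRow(array(S_TO, new CCol(array(new CNumericBox('new_operation[esc_step_to]', $new_operation['esc_step_to'], 4), ' [0-' . S_INFINITY . ']'))));
        $tblStep->addRow(array(S_PERIOD, new CCol(array(new CNumericBox('new_operation[esc_period]', $new_operation['esc_period'], 5), ' [0-' . S_DEFAULT . ']'))));

        $tblNewOperation->addRow(array(S_STEP, $tblStep));
    } else {
        // Without escalation the step settings travel as hidden fields.
        $tblOper->addItem(new CVar('new_operation[esc_period]', $new_operation['esc_period']));
        $tblOper->addItem(new CVar('new_operation[esc_step_from]', $new_operation['esc_step_from']));
        $tblOper->addItem(new CVar('new_operation[esc_step_to]', $new_operation['esc_step_to']));
        $tblOper->addItem(new CVar('new_operation[evaltype]', $new_operation['evaltype']));
    }

    $cmbOpType = new CComboBox('new_operation[operationtype]', $new_operation['operationtype'], 'submit()');
    foreach ($allowed_operations as $oper) {
        $cmbOpType->addItem($oper, operation_type2str($oper));
    }
    $tblNewOperation->addRow(array(S_OPERATION_TYPE, $cmbOpType));

    switch ($new_operation['operationtype']) {
        case OPERATION_TYPE_MESSAGE:
            if ($new_operation['object'] == OPERATION_OBJECT_GROUP) {
                $object_srctbl = 'usrgrp';
                $object_srcfld1 = 'usrgrpid';
                $object_name = get_group_by_usrgrpid($new_operation['objectid']);
                $display_name = 'name';
            } else {
                $object_srctbl = 'users';
                $object_srcfld1 = 'userid';
                $object_name = get_user_by_userid($new_operation['objectid']);
                $display_name = 'alias';
            }

            $tblOper->addItem(new CVar('new_operation[objectid]', $new_operation['objectid']));

            // Reduce the looked-up record to the one field that is shown.
            if ($object_name) {
                $object_name = $object_name[$display_name];
            }

            $cmbObject = new CComboBox('new_operation[object]', $new_operation['object'], 'submit()');
            $cmbObject->addItem(OPERATION_OBJECT_USER, S_SINGLE_USER);
            $cmbObject->addItem(OPERATION_OBJECT_GROUP, S_USER_GROUP);

            $tblNewOperation->addRow(array(S_SEND_MESSAGE_TO, array(
                $cmbObject,
                new CTextBox('object_name', $object_name, 40, 'yes'),
                new CButton('select_object', S_SELECT, 'return PopUp("popup.php?dstfrm=' . S_ACTION . '&dstfld1=new_operation%5Bobjectid%5D&dstfld2=object_name' . '&srctbl=' . $object_srctbl . '&srcfld1=' . $object_srcfld1 . '&srcfld2=' . $display_name . '",450,450)', 'T')
            )));
            $tblNewOperation->addRow(array(S_DEFAULT_MESSAGE, new CCheckBox('new_operation[default_msg]', $new_operation['default_msg'], 'javascript: submit();', 1)));

            if (!$new_operation['default_msg']) {
                $tblNewOperation->addRow(array(S_SUBJECT, new CTextBox('new_operation[shortdata]', $new_operation['shortdata'], 77)));
                $tblNewOperation->addRow(array(S_MESSAGE, new CTextArea('new_operation[longdata]', $new_operation['longdata'], 77, 7)));
            } else {
                $tblOper->addItem(new CVar('new_operation[shortdata]', $new_operation['shortdata']));
                $tblOper->addItem(new CVar('new_operation[longdata]', $new_operation['longdata']));
            }
            break;

        case OPERATION_TYPE_COMMAND:
            $tblOper->addItem(new CVar('new_operation[object]', 0));
            $tblOper->addItem(new CVar('new_operation[objectid]', 0));
            $tblOper->addItem(new CVar('new_operation[shortdata]', ''));

            // The remote command text itself is carried in 'longdata'.
            $tblNewOperation->addRow(array(S_REMOTE_COMMAND, new CTextArea('new_operation[longdata]', $new_operation['longdata'], 77, 7)));
            break;

        case OPERATION_TYPE_HOST_ADD:
        case OPERATION_TYPE_HOST_REMOVE:
            $tblOper->addItem(new CVar('new_operation[object]', 0));
            $tblOper->addItem(new CVar('new_operation[objectid]', 0));
            $tblOper->addItem(new CVar('new_operation[shortdata]', ''));
            $tblOper->addItem(new CVar('new_operation[longdata]', ''));
            break;

        case OPERATION_TYPE_GROUP_ADD:
        case OPERATION_TYPE_GROUP_REMOVE:
            $tblOper->addItem(new CVar('new_operation[object]', 0));
            $tblOper->addItem(new CVar('new_operation[objectid]', $new_operation['objectid']));
            $tblOper->addItem(new CVar('new_operation[shortdata]', ''));
            $tblOper->addItem(new CVar('new_operation[longdata]', ''));

            // objectid is digits-only at this point (normalised above).
            if ($object_name = DBfetch(DBselect('select name FROM groups WHERE groupid=' . $new_operation['objectid']))) {
                $object_name = $object_name['name'];
            }

            $tblNewOperation->addRow(array(S_GROUP, array(
                new CTextBox('object_name', $object_name, 40, 'yes'),
                new CButton('select_object', S_SELECT, 'return PopUp("popup.php?dstfrm=' . S_ACTION . '&dstfld1=new_operation%5Bobjectid%5D&dstfld2=object_name' . '&srctbl=host_group&srcfld1=groupid&srcfld2=name' . '",450,450)', 'T')
            )));
            break;

        case OPERATION_TYPE_TEMPLATE_ADD:
        case OPERATION_TYPE_TEMPLATE_REMOVE:
            $tblOper->addItem(new CVar('new_operation[object]', 0));
            $tblOper->addItem(new CVar('new_operation[objectid]', $new_operation['objectid']));
            $tblOper->addItem(new CVar('new_operation[shortdata]', ''));
            $tblOper->addItem(new CVar('new_operation[longdata]', ''));

            // objectid is digits-only at this point (normalised above).
            if ($object_name = DBfetch(DBselect('SELECT host FROM hosts ' . ' WHERE status=' . HOST_STATUS_TEMPLATE . ' AND hostid=' . $new_operation['objectid']))) {
                $object_name = $object_name['host'];
            }

            $tblNewOperation->addRow(array(S_TEMPLATE, array(
                new CTextBox('object_name', $object_name, 40, 'yes'),
                new CButton('select_object', S_SELECT, 'return PopUp("popup.php?dstfrm=' . S_ACTION . '&dstfld1=new_operation%5Bobjectid%5D&dstfld2=object_name' . '&srctbl=host_templates&srcfld1=hostid&srcfld2=host' . '",450,450)', 'T')
            )));
            break;
    }

    // new Operation conditions
    if (isset($_REQUEST['escalation'])) {
        $tblCond = new CTable();

        $opconditions = $new_operation['opconditions'];
        $allowed_opconditions = get_opconditions_by_eventsource($eventsource);

        // show opcondition LIST
        zbx_rksort($opconditions);

        /* group opconditions by type */
        $grouped_opconditions = array();
        $cond_el = new CTable(S_NO_CONDITIONS_DEFINED);
        $i = 0;

        foreach ($opconditions as $val) {
            // Each entry is expected to be a condition record; a scalar
            // supplied by the client is ignored.
            if (!is_array($val)) {
                continue;
            }

            if (!isset($val['conditiontype'])) {
                $val['conditiontype'] = 0;
            }
            if (!isset($val['operator'])) {
                $val['operator'] = 0;
            }
            if (!isset($val['value'])) {
                $val['value'] = 0;
            }

            // Condition types not offered for this event source are dropped.
            if (!str_in_array($val["conditiontype"], $allowed_opconditions)) {
                continue;
            }

            // Accepted conditions are labelled A, B, C, ... in order.
            $label = chr(ord('A') + $i);

            $cond_el->addRow(array('(' . $label . ')', array(
                new CCheckBox("g_opconditionid[]", 'no', null, $i),
                get_condition_desc($val["conditiontype"], $val["operator"], $val["value"])
            )));

            $tblCond->addItem(new CVar("new_operation[opconditions][{$i}][conditiontype]", $val["conditiontype"]));
            $tblCond->addItem(new CVar("new_operation[opconditions][{$i}][operator]", $val["operator"]));
            $tblCond->addItem(new CVar("new_operation[opconditions][{$i}][value]", $val["value"]));

            $grouped_opconditions[$val["conditiontype"]][] = $label;
            $i++;
        }
        unset($opconditions);

        $cond_buttons = array();
        if (!isset($_REQUEST['new_opcondition'])) {
            $cond_buttons[] = new CButton('new_opcondition', S_NEW);
        }

        if ($cond_el->ItemsCount() > 0) {
            if ($cond_el->ItemsCount() > 1) {
                /* prepare opcondition calculation type selector */
                switch ($evaltype) {
                    case ACTION_EVAL_TYPE_AND:
                        $group_op = $glog_op = S_AND;
                        break;
                    case ACTION_EVAL_TYPE_OR:
                        $group_op = $glog_op = S_OR;
                        break;
                    default:
                        // Mixed mode: OR within one condition type, AND
                        // between the types.
                        $group_op = S_OR;
                        $glog_op = S_AND;
                        break;
                }

                foreach ($grouped_opconditions as $id => $val) {
                    $grouped_opconditions[$id] = '(' . implode(' ' . $group_op . ' ', $val) . ')';
                }
                $grouped_opconditions = implode(' ' . $glog_op . ' ', $grouped_opconditions);

                $cmb_calc_type = new CComboBox('new_operation[evaltype]', $evaltype, 'submit()');
                $cmb_calc_type->addItem(ACTION_EVAL_TYPE_AND_OR, S_AND_OR_BIG);
                $cmb_calc_type->addItem(ACTION_EVAL_TYPE_AND, S_AND_BIG);
                $cmb_calc_type->addItem(ACTION_EVAL_TYPE_OR, S_OR_BIG);

                $tblNewOperation->addRow(array(S_TYPE_OF_CALCULATION, new CCol(array(
                    $cmb_calc_type,
                    new CTextBox('preview', $grouped_opconditions, 60, 'yes')
                ))));

                unset($cmb_calc_type, $group_op, $glog_op);
                /* end of calculation type selector */
            } else {
                $tblCond->addItem(new CVar('new_operation[evaltype]', ACTION_EVAL_TYPE_AND_OR));
            }

            $cond_buttons[] = new CButton('del_opcondition', S_DELETE_SELECTED);
        } else {
            $tblCond->addItem(new CVar('new_operation[evaltype]', ACTION_EVAL_TYPE_AND_OR));
        }

        $tblCond->addRow($cond_el);
        $tblCond->addRow(new CCol($cond_buttons));
        // end of opcondition LIST

        $tblNewOperation->addRow(array(S_CONDITIONS, $tblCond));
        unset($grouped_opconditions, $cond_el, $cond_buttons, $tblCond);
    }

    $tblOper->addRow($tblNewOperation);

    $td = new CCol(array(
        new CButton('add_operation', $update_mode ? S_SAVE : S_ADD),
        SPACE,
        new CButton('cancel_new_operation', S_CANCEL)
    ));
    $td->addOption('colspan', '3');
    $td->addOption('style', 'text-align: right;');
    $tblOper->SetFooter($td);

    return $tblOper;
}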