-
Notifications
You must be signed in to change notification settings - Fork 43
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Restrict host and service lists when adding new or editing old nodes
resolves #67
- Loading branch information
Johannes Meyer
committed
Feb 22, 2019
1 parent
d1f32c5
commit 68aedc3
Showing
3 changed files
with
115 additions
and
90 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,65 @@ | ||
<?php | ||
|
||
namespace Icinga\Module\Businessprocess; | ||
|
||
use Icinga\Authentication\Auth; | ||
use Icinga\Data\Filter\Filter; | ||
use Icinga\Exception\ConfigurationError; | ||
use Icinga\Exception\QueryException; | ||
|
||
trait MonitoringRestrictions | ||
{ | ||
/** | ||
* Return a filter for the given restriction | ||
* | ||
* @param string $name Name of the restriction | ||
* | ||
* @return Filter|null Filter object or null if the authenticated user is not restricted | ||
* @throws ConfigurationError If the restriction contains invalid filter columns | ||
*/ | ||
protected function getRestriction($name) | ||
{ | ||
// Borrowed from Icinga\Module\Monitoring\Controller | ||
$restriction = Filter::matchAny(); | ||
$restriction->setAllowedFilterColumns(array( | ||
'host_name', | ||
'hostgroup_name', | ||
'instance_name', | ||
'service_description', | ||
'servicegroup_name', | ||
function ($c) { | ||
return preg_match('/^_(?:host|service)_/i', $c); | ||
} | ||
)); | ||
|
||
foreach (Auth::getInstance()->getRestrictions($name) as $filter) { | ||
if ($filter === '*') { | ||
return Filter::matchAny(); | ||
} | ||
|
||
try { | ||
$restriction->addFilter(Filter::fromQueryString($filter)); | ||
} catch (QueryException $e) { | ||
throw new ConfigurationError( | ||
mt( | ||
'monitoring', | ||
'Cannot apply restriction %s using the filter %s. You can only use the following columns: %s' | ||
), | ||
$name, | ||
$filter, | ||
implode(', ', array( | ||
'instance_name', | ||
'host_name', | ||
'hostgroup_name', | ||
'service_description', | ||
'servicegroup_name', | ||
'_(host|service)_<customvar-name>' | ||
)), | ||
$e | ||
); | ||
} | ||
} | ||
|
||
return $restriction; | ||
} | ||
} |