Skip to content

Commit

Permalink
Restrict host and service lists when adding new or editing old nodes
Browse files Browse the repository at this point in the history 
resolves #67
  • Loading branch information
Johannes Meyer committed Feb 22, 2019
1 parent d1f32c5 commit 68aedc3
Show file tree
Hide file tree
Showing 3 changed files with 115 additions and 90 deletions.
70 changes: 25 additions & 45 deletions application/forms/AddNodeForm.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
use Icinga\Module\Businessprocess\BpConfig;
use Icinga\Module\Businessprocess\ImportedNode;
use Icinga\Module\Businessprocess\Modification\ProcessChanges;
use Icinga\Module\Businessprocess\MonitoringRestrictions;
use Icinga\Module\Businessprocess\Storage\Storage;
use Icinga\Module\Businessprocess\Web\Form\QuickForm;
use Icinga\Module\Businessprocess\Web\Form\Validator\NoDuplicateChildrenValidator;
Expand All @@ -14,6 +15,8 @@

class AddNodeForm extends QuickForm
{
use MonitoringRestrictions;

/** @var MonitoringBackend */
protected $backend;

Expand Down Expand Up @@ -329,9 +332,13 @@ public function setSession(SessionNamespace $session)

protected function enumHostForServiceList()
{
$names = $this->backend->select()->from('hostStatus', array(
'hostname' => 'host_name',
))->order('host_name')->getQuery()->fetchColumn();
$names = $this->backend
->select()
->from('hostStatus', ['hostname' => 'host_name'])
->applyFilter($this->getRestriction('monitoring/filter/objects'))
->order('host_name')
->getQuery()
->fetchColumn();

// fetchPairs doesn't seem to work when using the same column with
// different aliases twice
Expand All @@ -341,9 +348,13 @@ protected function enumHostForServiceList()

protected function enumHostList()
{
$names = $this->backend->select()->from('hostStatus', array(
'hostname' => 'host_name',
))->order('host_name')->getQuery()->fetchColumn();
$names = $this->backend
->select()
->from('hostStatus', ['hostname' => 'host_name'])
->applyFilter($this->getRestriction('monitoring/filter/objects'))
->order('host_name')
->getQuery()
->fetchColumn();

// fetchPairs doesn't seem to work when using the same column with
// different aliases twice
Expand All @@ -358,12 +369,14 @@ protected function enumHostList()

protected function enumServiceList($host)
{
$query = $this->backend->select()->from(
'serviceStatus',
array('service' => 'service_description')
)->where('host_name', $host);
$query->order('service_description');
$names = $query->getQuery()->fetchColumn();
$names = $this->backend
->select()
->from('serviceStatus', ['service' => 'service_description'])
->where('host_name', $host)
->applyFilter($this->getRestriction('monitoring/filter/objects'))
->order('service_description')
->getQuery()
->fetchColumn();

$services = array();
foreach ($names as $name) {
Expand Down Expand Up @@ -440,39 +453,6 @@ protected function collectAllParents(BpNode $node, array & $parents)
}
}

protected function fetchObjectList()
{
$this->objectList = array();
$hosts = $this->backend->select()->from('hostStatus', array(
'hostname' => 'host_name',
'in_downtime' => 'host_in_downtime',
'ack' => 'host_acknowledged',
'state' => 'host_state'
))->order('host_name')->getQuery()->fetchAll();

$services = $this->backend->select()->from('serviceStatus', array(
'hostname' => 'host_name',
'service' => 'service_description',
'in_downtime' => 'service_in_downtime',
'ack' => 'service_acknowledged',
'state' => 'service_state'
))->order('host_name')->order('service_description')->getQuery()->fetchAll();

foreach ($hosts as $host) {
$this->objectList[$host->hostname] = array(
$host->hostname . ';Hoststatus' => 'Host Status'
);
}

foreach ($services as $service) {
$this->objectList[$service->hostname][
$service->hostname . ';' . $service->service
] = $service->service;
}

return $this;
}

public function onSuccess()
{
$changes = ProcessChanges::construct($this->bp, $this->session);
Expand Down
70 changes: 25 additions & 45 deletions application/forms/EditNodeForm.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
use Icinga\Module\Businessprocess\BpNode;
use Icinga\Module\Businessprocess\BpConfig;
use Icinga\Module\Businessprocess\Modification\ProcessChanges;
use Icinga\Module\Businessprocess\MonitoringRestrictions;
use Icinga\Module\Businessprocess\Node;
use Icinga\Module\Businessprocess\Web\Form\QuickForm;
use Icinga\Module\Businessprocess\Web\Form\Validator\NoDuplicateChildrenValidator;
Expand All @@ -13,6 +14,8 @@

class EditNodeForm extends QuickForm
{
use MonitoringRestrictions;

/** @var MonitoringBackend */
protected $backend;

Expand Down Expand Up @@ -283,9 +286,13 @@ public function setSession(SessionNamespace $session)

protected function enumHostForServiceList()
{
$names = $this->backend->select()->from('hostStatus', array(
'hostname' => 'host_name',
))->order('host_name')->getQuery()->fetchColumn();
$names = $this->backend
->select()
->from('hostStatus', ['hostname' => 'host_name'])
->applyFilter($this->getRestriction('monitoring/filter/objects'))
->order('host_name')
->getQuery()
->fetchColumn();

// fetchPairs doesn't seem to work when using the same column with
// different aliases twice
Expand All @@ -295,9 +302,13 @@ protected function enumHostForServiceList()

protected function enumHostList()
{
$names = $this->backend->select()->from('hostStatus', array(
'hostname' => 'host_name',
))->order('host_name')->getQuery()->fetchColumn();
$names = $this->backend
->select()
->from('hostStatus', ['hostname' => 'host_name'])
->applyFilter($this->getRestriction('monitoring/filter/objects'))
->order('host_name')
->getQuery()
->fetchColumn();

// fetchPairs doesn't seem to work when using the same column with
// different aliases twice
Expand All @@ -312,12 +323,14 @@ protected function enumHostList()

protected function enumServiceList($host)
{
$query = $this->backend->select()->from(
'serviceStatus',
array('service' => 'service_description')
)->where('host_name', $host);
$query->order('service_description');
$names = $query->getQuery()->fetchColumn();
$names = $this->backend
->select()
->from('serviceStatus', ['service' => 'service_description'])
->where('host_name', $host)
->applyFilter($this->getRestriction('monitoring/filter/objects'))
->order('service_description')
->getQuery()
->fetchColumn();

$services = array();
foreach ($names as $name) {
Expand Down Expand Up @@ -367,39 +380,6 @@ protected function collectAllParents(BpNode $node, array & $parents)
}
}

protected function fetchObjectList()
{
$this->objectList = array();
$hosts = $this->backend->select()->from('hostStatus', array(
'hostname' => 'host_name',
'in_downtime' => 'host_in_downtime',
'ack' => 'host_acknowledged',
'state' => 'host_state'
))->order('host_name')->getQuery()->fetchAll();

$services = $this->backend->select()->from('serviceStatus', array(
'hostname' => 'host_name',
'service' => 'service_description',
'in_downtime' => 'service_in_downtime',
'ack' => 'service_acknowledged',
'state' => 'service_state'
))->order('host_name')->order('service_description')->getQuery()->fetchAll();

foreach ($hosts as $host) {
$this->objectList[$host->hostname] = array(
$host->hostname . ';Hoststatus' => 'Host Status'
);
}

foreach ($services as $service) {
$this->objectList[$service->hostname][
$service->hostname . ';' . $service->service
] = $service->service;
}

return $this;
}

/**
* @param Node $node
* @return $this
Expand Down
65 changes: 65 additions & 0 deletions library/Businessprocess/MonitoringRestrictions.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
<?php

namespace Icinga\Module\Businessprocess;

use Icinga\Authentication\Auth;
use Icinga\Data\Filter\Filter;
use Icinga\Exception\ConfigurationError;
use Icinga\Exception\QueryException;

trait MonitoringRestrictions
{
/**
* Return a filter for the given restriction
*
* @param string $name Name of the restriction
*
* @return Filter|null Filter object or null if the authenticated user is not restricted
* @throws ConfigurationError If the restriction contains invalid filter columns
*/
protected function getRestriction($name)
{
// Borrowed from Icinga\Module\Monitoring\Controller
$restriction = Filter::matchAny();
$restriction->setAllowedFilterColumns(array(
'host_name',
'hostgroup_name',
'instance_name',
'service_description',
'servicegroup_name',
function ($c) {
return preg_match('/^_(?:host|service)_/i', $c);
}
));

foreach (Auth::getInstance()->getRestrictions($name) as $filter) {
if ($filter === '*') {
return Filter::matchAny();
}

try {
$restriction->addFilter(Filter::fromQueryString($filter));
} catch (QueryException $e) {
throw new ConfigurationError(
mt(
'monitoring',
'Cannot apply restriction %s using the filter %s. You can only use the following columns: %s'
),
$name,
$filter,
implode(', ', array(
'instance_name',
'host_name',
'hostgroup_name',
'service_description',
'servicegroup_name',
'_(host|service)_<customvar-name>'
)),
$e
);
}
}

return $restriction;
}
}

0 comments on commit 68aedc3

Please sign in to comment.