From 3c78e0ccc7b48be4a5014ee532f059ecbdd4b3ac Mon Sep 17 00:00:00 2001 From: Jellyfrog Date: Wed, 22 Jul 2020 03:34:42 +0200 Subject: [PATCH] Add permission support to Oxidized config search (#11928) --- includes/html/forms/search-oxidized-config.inc.php | 6 +++--- includes/html/functions.inc.php | 12 ++++++++++++ 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/includes/html/forms/search-oxidized-config.inc.php b/includes/html/forms/search-oxidized-config.inc.php index bab6be2716..f75491d91f 100644 --- a/includes/html/forms/search-oxidized-config.inc.php +++ b/includes/html/forms/search-oxidized-config.inc.php @@ -15,11 +15,11 @@ $status = 'error'; $message = 'unknown error'; $parameters = clean($_POST['search_in_conf_textbox']); if (isset($parameters)) { - $status = 'ok'; $message = 'Queried'; - $output = search_oxidized_config($parameters); + if ($output = search_oxidized_config($parameters)) { + $status = 'ok'; + } } else { - $status = 'error'; $message = 'ERROR: Could not query'; } echo display(_json_encode(array( diff --git a/includes/html/functions.inc.php b/includes/html/functions.inc.php index d866f37482..c1274a3859 100644 --- a/includes/html/functions.inc.php +++ b/includes/html/functions.inc.php @@ -1104,6 +1104,10 @@ function get_rules_from_json() function search_oxidized_config($search_in_conf_textbox) { + if (!Auth::user()->hasGlobalRead()) { + return false; + } + $oxidized_search_url = Config::get('oxidized.url') . '/nodes/conf_search?format=json'; $postdata = http_build_query( array( @@ -1125,6 +1129,14 @@ function search_oxidized_config($search_in_conf_textbox) $dev = device_by_name($n['node']); $n['dev_id'] = $dev ? $dev['device_id'] : false; } + + /* + // Filter nodes we don't have access too + $nodes = array_filter($nodes, function($device) { + return \Permissions::canAccessDevice($device['dev_id'], Auth::id()); + }); + */ + return $nodes; }