mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Device group based access (#10568)

Browse Source 
* Device group based access

* Use Permissions class to resolve permissions

Also give port access based on device access

* Convert more pages to use Permissions class

* shorten config setting name
use Eloquent relationships in several places
alphabetize config_definitions.json

* Change Models and Permissions

* Clean up ajax_search LIMIT sql

* Convert more pages to use Permissions class

Co-authored-by: Tony Murray <murraytony@gmail.com>
This commit is contained in:
Jellyfrog
2019-12-30 12:11:26 +01:00
committed by GitHub
parent 1998b8dd00
commit b361710148
44 changed files with 402 additions and 252 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
includes/caches/alerts.inc.php
View File

@@ -3,8 +3,11 @@
if (Auth::user()->hasGlobalRead()) {
$data['active_count'] = array('query' => 'SELECT COUNT(`alerts`.`id`) FROM `alerts` LEFT JOIN `devices` ON `alerts`.`device_id`=`devices`.`device_id` RIGHT JOIN `alert_rules` ON `alerts`.`rule_id`=`alert_rules`.`id` WHERE 1 AND `alerts`.`state` NOT IN (0,2) AND `devices`.`disabled` = 0 AND `devices`.`ignore` = 0');
} else {
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
$perms_sql = "`D`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
$data['active_count'] = array(
'query' => 'SELECT COUNT(`alerts`.`id`) FROM `alerts` LEFT JOIN `devices` ON `alerts`.`device_id`=`devices`.`device_id` LEFT JOIN `devices_perms` AS `DP` ON `devices`.`device_id` = `DP`.`device_id` RIGHT JOIN `alert_rules` ON `alerts`.`rule_id`=`alert_rules`.`id` WHERE 1 AND `alerts`.`state` NOT IN (0,2) AND `devices`.`disabled` = 0 AND `devices`.`ignore` = 0 AND `DP`.`user_id`=?',
'params' => array(Auth::id()),
'query' => 'SELECT COUNT(`alerts`.`id`) FROM `alerts` LEFT JOIN `devices` ON `alerts`.`device_id`=`devices`.`device_id` RIGHT JOIN `alert_rules` ON `alerts`.`rule_id`=`alert_rules`.`id` WHERE $perms_sql AND `alerts`.`state` NOT IN (0,2) AND `devices`.`disabled` = 0 AND `devices`.`ignore` = 0',
'params' => $device_ids
);
}

23
includes/caches/devices.inc.php
View File

@@ -11,28 +11,31 @@ if (Auth::user()->hasGlobalRead()) {
$data['disabled'] = array('query' => "SELECT COUNT(*) FROM devices WHERE `disabled` = '1'");
} else {
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
$perms_sql = "`D`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
$data['count'] = array(
'query' => 'SELECT COUNT(*) FROM devices AS D, devices_perms AS P WHERE P.`user_id` = ? AND P.`device_id` = D.`device_id`',
'params' => array(Auth::id()),
'query' => 'SELECT COUNT(*) FROM devices AS D WHERE $perms_sql',
'params' => $device_ids
);
$data['up'] = array(
'query' => "SELECT COUNT(*) FROM devices AS D, devices_perms AS P WHERE P.`user_id` = ? AND P.`device_id` = D.`device_id` AND D.`status` = '1' AND D.`ignore` = '0' AND D.`disabled` = '0'",
'params' => array(Auth::id()),
'query' => "SELECT COUNT(*) FROM devices AS D WHERE $perms_sql AND D.`status` = '1' AND D.`ignore` = '0' AND D.`disabled` = '0'",
'params' => $device_ids
);
$data['down'] = array(
'query' => "SELECT COUNT(*) FROM devices AS D, devices_perms AS P WHERE P.`user_id` = ? AND P.`device_id` = D.`device_id` AND D.`status` = '0' AND D.`ignore` = '0' AND D.`disabled` = '0'",
'params' => array(Auth::id()),
'query' => "SELECT COUNT(*) FROM devices AS D WHERE $perms_sql AND D.`status` = '0' AND D.`ignore` = '0' AND D.`disabled` = '0'",
'params' => $device_ids
);
$data['ignored'] = array(
'query' => "SELECT COUNT(*) FROM devices AS D, devices_perms AS P WHERE P.`user_id` = ? AND P.`device_id` = D.`device_id` AND D.`ignore` = '1' AND D.`disabled` = '0'",
'params' => array(Auth::id()),
'query' => "SELECT COUNT(*) FROM devices AS D WHERE $perms_sql AND D.`ignore` = '1' AND D.`disabled` = '0'",
'params' => $device_ids
);
$data['disabled'] = array(
'query' => "SELECT COUNT(*) FROM devices AS D, devices_perms AS P WHERE P.`user_id` = ? AND P.`device_id` = D.`device_id` AND D.`disabled` = '1'",
'params' => array(Auth::id()),
'query' => "SELECT COUNT(*) FROM devices AS D WHERE $perms_sql AND D.`disabled` = '1'",
'params' => $device_ids
);
}//end if

27
includes/caches/ports.inc.php
View File

@@ -13,33 +13,36 @@ if (Auth::user()->hasGlobalRead()) {
$data['ignored'] = array('query' => "SELECT COUNT(*) FROM ports AS I, devices AS D WHERE I.`deleted` = '0' AND D.`device_id` = I.`device_id` AND (I.`ignore` = '1' OR D.`ignore` = '1')");
} else {
$device_ids = Permissions::portsForUser()->toArray() ?: [0];
$perms_sql = "`I`.`port_id` IN " .dbGenPlaceholders(count($device_ids));
$data['count'] = array(
'query' => "SELECT COUNT(*) FROM ports AS I, devices AS D, devices_perms AS P WHERE I.`deleted` = '0' AND P.`user_id` = ? AND P.`device_id` = D.`device_id` AND I.`device_id` = D.`device_id`",
'params' => array(Auth::id()),
'query' => "SELECT COUNT(*) FROM ports AS I WHERE $perms_sql AND I.`deleted` = '0'",
'params' => $device_ids
);
$data['up'] = array(
'query' => "SELECT COUNT(*) FROM ports AS I, devices AS D, devices_perms AS P WHERE I.`deleted` = '0' AND P.`user_id` = ? AND P.`device_id` = D.`device_id` AND I.`device_id` = D.`device_id` AND I.`ignore` = '0' AND D.`ignore` = '0' AND I.`ifOperStatus` = 'up'",
'params' => array(Auth::id()),
'query' => "SELECT COUNT(*) FROM ports AS I, devices AS D WHERE $perms_sql AND I.`deleted` = '0' AND I.`device_id` = D.`device_id` AND I.`ignore` = '0' AND D.`ignore` = '0' AND I.`ifOperStatus` = 'up'",
'params' => $device_ids
);
$data['down'] = array(
'query' => "SELECT COUNT(*) FROM ports AS I, devices AS D, devices_perms AS P WHERE I.`deleted` = '0' AND P.`user_id` = ? AND P.`device_id` = D.`device_id` AND I.`device_id` = D.`device_id` AND I.`ignore` = '0' AND D.`ignore` = '0' AND I.`ifOperStatus` = 'down' AND I.`ifAdminStatus` = 'up'",
'params' => array(Auth::id()),
'query' => "SELECT COUNT(*) FROM ports AS I, devices AS D WHERE $perms_sql AND I.`deleted` = '0' AND I.`device_id` = D.`device_id` AND I.`ignore` = '0' AND D.`ignore` = '0' AND I.`ifOperStatus` = 'down' AND I.`ifAdminStatus` = 'up'",
'params' => $device_ids
);
$data['shutdown'] = array(
'query' => "SELECT COUNT(*) FROM ports AS I, devices AS D, devices_perms AS P WHERE I.`deleted` = '0' AND P.`user_id` = ? AND P.`device_id` = D.`device_id` AND I.`device_id` = D.`device_id` AND I.`ignore` = '0' AND D.`ignore` = '0' AND I.`ifAdminStatus` = 'down'",
'params' => array(Auth::id()),
'query' => "SELECT COUNT(*) FROM ports AS I, devices AS D WHERE $perms_sql AND I.`deleted` = '0' AND I.`device_id` = D.`device_id` AND I.`ignore` = '0' AND D.`ignore` = '0' AND I.`ifAdminStatus` = 'down'",
'params' => $device_ids
);
$data['errored'] = array(
'query' => "SELECT COUNT(*) FROM ports AS I, devices AS D, devices_perms AS P WHERE I.`deleted` = '0' AND P.`user_id` = ? AND P.`device_id` = D.`device_id` AND I.`device_id` = D.`device_id` AND I.`ignore` = '0' AND D.`ignore` = '0' AND (I.`ifInErrors_delta` > '0' OR I.`ifOutErrors_delta` > '0')",
'params' => array(Auth::id()),
'query' => "SELECT COUNT(*) FROM ports AS I, devices AS D WHERE $perms_sql AND I.`deleted` = '0' AND I.`device_id` = D.`device_id` AND I.`ignore` = '0' AND D.`ignore` = '0' AND (I.`ifInErrors_delta` > '0' OR I.`ifOutErrors_delta` > '0')",
'params' => $device_ids
);
$data['ignored'] = array(
'query' => "SELECT COUNT(*) FROM ports AS I, devices AS D, devices_perms AS P WHERE I.`deleted` = '0' AND P.`user_id` = ? AND P.`device_id` = D.`device_id` AND I.`device_id` = D.`device_id` AND (I.`ignore` = '1' OR D.`ignore` = '1')",
'params' => array(Auth::id()),
'query' => "SELECT COUNT(*) FROM ports AS I, devices AS D WHERE $perms_sql AND I.`deleted` = '0' AND I.`device_id` = D.`device_id` AND (I.`ignore` = '1' OR D.`ignore` = '1')",
'params' => $device_ids
);
}//end if

23
includes/caches/services.inc.php
View File

@@ -7,28 +7,31 @@ if (Auth::user()->hasGlobalRead()) {
$data['ignored'] = array( 'query' => "SELECT COUNT(*) FROM services WHERE `service_ignore` = '1' AND `service_disabled` = '0'");
$data['disabled'] = array( 'query' => "SELECT COUNT(*) FROM services WHERE `service_disabled` = '1'");
} else {
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
$perms_sql = "`S`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
$data['count'] = array(
'query' => 'SELECT COUNT(*) FROM services AS S, devices AS D, devices_perms AS P WHERE P.`user_id` = ? AND P.`device_id` = D.`device_id` AND S.`device_id` = D.`device_id`',
'params' => array(Auth::id()),
'query' => 'SELECT COUNT(*) FROM services AS S WHERE $perms_sql',
'params' => $device_ids
);
$data['up'] = array(
'query' => "SELECT COUNT(*) FROM services AS S, devices AS D, devices_perms AS P WHERE P.`user_id` = ? AND P.`device_id` = D.`device_id` AND S.`device_id` = D.`device_id` AND S.`service_ignore` = '0' AND S.`service_disabled` = '0' AND S.`service_status` = '0'",
'params' => array(Auth::id()),
'query' => "SELECT COUNT(*) FROM services AS S WHERE $perms_sql AND S.`service_ignore` = '0' AND S.`service_disabled` = '0' AND S.`service_status` = '0'",
'params' => $device_ids
);
$data['down'] = array(
'query' => "SELECT COUNT(*) FROM services AS S, devices AS D, devices_perms AS P WHERE P.`user_id` = ? AND P.`device_id` = D.`device_id` AND S.`device_id` = D.`device_id` AND S.`service_ignore` = '0' AND S.`service_disabled` = '0' AND S.`service_status` = '2'",
'params' => array(Auth::id()),
'query' => "SELECT COUNT(*) FROM services AS S WHERE $perms_sql AND S.`service_ignore` = '0' AND S.`service_disabled` = '0' AND S.`service_status` = '2'",
'params' => $device_ids
);
$data['ignored'] = array(
'query' => "SELECT COUNT(*) FROM services AS S, devices AS D, devices_perms AS P WHERE P.`user_id` = ? AND P.`device_id` = D.`device_id` AND S.`device_id` = D.`device_id` AND S.`service_ignore` = '1' AND S.`service_disabled` = '0'",
'params' => array(Auth::id()),
'query' => "SELECT COUNT(*) FROM services AS S WHERE $perms_sql AND S.`service_ignore` = '1' AND S.`service_disabled` = '0'",
'params' => $device_ids
);
$data['disabled'] = array(
'query' => "SELECT COUNT(*) FROM services AS S, devices AS D, devices_perms AS P WHERE P.`user_id` = ? AND P.`device_id` = D.`device_id` AND S.`device_id` = D.`device_id` AND S.`service_disabled` = '1'",
'params' => array(Auth::id()),
'query' => "SELECT COUNT(*) FROM services AS S WHERE $perms_sql AND S.`service_disabled` = '1'",
'params' => $device_ids
);
}//end if

7
includes/caches/toner.inc.php
View File

@@ -3,8 +3,11 @@
if (Auth::user()->hasGlobalRead()) {
$data['count'] = array('query' => "SELECT COUNT(`toner_id`) FROM toner");
} else {
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
$perms_sql = "`toner`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
$data['count'] = array(
'query' => "SELECT COUNT(`toner_id`) FROM toner AS T, devices AS D, devices_perms AS P WHERE P.`user_id` = ? AND P.`device_id` = D.`device_id` AND T.`device_id` = D.`device_id`",
'params' => array(Auth::id()),
'query' => "SELECT COUNT(`toner_id`) FROM toner WHERE $perms_sql",
'params' => $device_ids
);
}