zabbix/ui/app/controllers/CControllerUserroleCreate.php

<?php declare(strict_types = 0);
/*
** Zabbix
** Copyright (C) 2001-2023 Zabbix SIA
**
** This program is free software; you can redistribute it and/or modify
** it under the terms of the GNU General Public License as published by
** the Free Software Foundation; either version 2 of the License, or
** (at your option) any later version.
**
** This program is distributed in the hope that it will be useful,
** but WITHOUT ANY WARRANTY; without even the implied warranty of
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
** GNU General Public License for more details.
**
** You should have received a copy of the GNU General Public License
** along with this program; if not, write to the Free Software
** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
**/


/**
 * Class containing operations with userrole create form.
 */
class CControllerUserroleCreate extends CControllerUserroleEditGeneral {

	protected function checkInput(): bool {
		$fields = [
			'name' => 										'required|not_empty|db role.name',
			'type' => 										'required|in '.implode(',', [USER_TYPE_ZABBIX_USER, USER_TYPE_ZABBIX_ADMIN, USER_TYPE_SUPER_ADMIN]),
			'ui_default_access' => 							'required|in 0,1',
			'modules_default_access' => 					'required|in 0,1',
			'actions_default_access' => 					'required|in 0,1',
			'api_access' => 								'required|in 0,1',
			'ui_monitoring_dashboard' => 					'in 0,1',
			'ui_monitoring_problems' => 					'in 0,1',
			'ui_monitoring_hosts' => 						'in 0,1',
			'ui_monitoring_latest_data' => 					'in 0,1',
			'ui_monitoring_maps' => 						'in 0,1',
			'ui_monitoring_discovery' => 					'in 0,1',
			'ui_services_services' => 						'in 0,1',
			'ui_services_sla' => 							'in 0,1',
			'ui_services_sla_report' => 					'in 0,1',
			'ui_inventory_overview' => 						'in 0,1',
			'ui_inventory_hosts' => 						'in 0,1',
			'ui_reports_system_info' => 					'in 0,1',
			'ui_reports_scheduled_reports' => 				'in 0,1',
			'ui_reports_availability_report' => 			'in 0,1',
			'ui_reports_top_triggers' => 					'in 0,1',
			'ui_reports_audit' => 							'in 0,1',
			'ui_reports_action_log' => 						'in 0,1',
			'ui_reports_notifications' => 					'in 0,1',
			'ui_configuration_template_groups' => 			'in 0,1',
			'ui_configuration_host_groups' => 				'in 0,1',
			'ui_configuration_templates' => 				'in 0,1',
			'ui_configuration_hosts' => 					'in 0,1',
			'ui_configuration_maintenance' => 				'in 0,1',
			'ui_configuration_trigger_actions' => 			'in 0,1',
			'ui_configuration_service_actions' => 			'in 0,1',
			'ui_configuration_discovery_actions' => 		'in 0,1',
			'ui_configuration_autoregistration_actions' => 	'in 0,1',
			'ui_configuration_internal_actions' => 			'in 0,1',
			'ui_configuration_event_correlation' => 		'in 0,1',
			'ui_configuration_discovery' => 				'in 0,1',
			'ui_administration_general' => 					'in 0,1',
			'ui_administration_audit_log' => 				'in 0,1',
			'ui_administration_housekeeping' => 			'in 0,1',
			'ui_administration_proxies' => 					'in 0,1',
			'ui_administration_macros' => 					'in 0,1',
			'ui_administration_authentication' => 			'in 0,1',
			'ui_administration_user_groups' => 				'in 0,1',
			'ui_administration_user_roles' => 				'in 0,1',
			'ui_administration_users' => 					'in 0,1',
			'ui_administration_api_tokens' => 				'in 0,1',
			'ui_administration_media_types' => 				'in 0,1',
			'ui_administration_scripts' => 					'in 0,1',
			'ui_administration_queue' => 					'in 0,1',
			'actions_edit_dashboards' => 					'in 0,1',
			'actions_edit_maps' => 							'in 0,1',
			'actions_edit_maintenance' => 					'in 0,1',
			'actions_acknowledge_problems' => 				'in 0,1',
			'actions_close_problems' => 					'in 0,1',
			'actions_suppress_problems' =>					'in 0,1',
			'actions_change_severity' => 					'in 0,1',
			'actions_add_problem_comments' => 				'in 0,1',
			'actions_execute_scripts' => 					'in 0,1',
			'actions_manage_api_tokens' => 					'in 0,1',
			'actions_manage_scheduled_reports' => 			'in 0,1',
			'actions_manage_sla' => 						'in 0,1',
			'actions_invoke_execute_now' =>					'in 0,1',
			'actions_change_problem_ranking' =>				'in 0,1',
			'modules' => 									'array',
			'api_mode' => 									'in '.implode(',', [ZBX_ROLE_RULE_API_MODE_DENY, ZBX_ROLE_RULE_API_MODE_ALLOW]),
			'api_methods' => 								'array',
			'service_read_access' => 						'in '.implode(',', [CRoleHelper::SERVICES_ACCESS_NONE, CRoleHelper::SERVICES_ACCESS_ALL, CRoleHelper::SERVICES_ACCESS_LIST]),
			'service_read_list' => 							'array_db services.serviceid',
			'service_read_tag_tag' => 						'string',
			'service_read_tag_value' => 					'string',
			'service_write_access' => 						'in '.implode(',', [CRoleHelper::SERVICES_ACCESS_NONE, CRoleHelper::SERVICES_ACCESS_ALL, CRoleHelper::SERVICES_ACCESS_LIST]),
			'service_write_list' => 						'array_db services.serviceid',
			'service_write_tag_tag' => 						'string',
			'service_write_tag_value' => 					'string',
			'form_refresh' => 								'int32'
		];

		$ret = $this->validateInput($fields);
		$error = $this->getValidationError();

		if (!$ret) {
			switch ($error) {
				case self::VALIDATION_ERROR:
					$response = new CControllerResponseRedirect('zabbix.php?action=userrole.edit');
					$response->setFormData($this->getInputAll());
					CMessageHelper::setErrorTitle(_('Cannot create user role'));
					$this->setResponse($response);
					break;

				case self::VALIDATION_FATAL_ERROR:
					$this->setResponse(new CControllerResponseFatal());
					break;
			}
		}

		return $ret;
	}

	protected function checkPermissions(): bool {
		if (!$this->checkAccess(CRoleHelper::UI_ADMINISTRATION_USER_ROLES)) {
			return false;
		}

		return true;
	}

	/**
	 * @throws APIException
	 */
	protected function doAction(): void {
		$role = [
			'name' => trim($this->getInput('name')),
			'type' => $this->getInput('type')
		];

		$role['rules'] = $this->getRulesInput((int) $role['type']);

		$result = API::Role()->create($role);

		if ($result) {
			$response = new CControllerResponseRedirect(
				(new CUrl('zabbix.php'))
					->setArgument('action', 'userrole.list')
					->setArgument('page', CPagerHelper::loadPage('userrole.list', null))
			);
			$response->setFormData(['uncheck' => '1']);
			CMessageHelper::setSuccessTitle(_('User role created'));
		}
		else {
			$response = new CControllerResponseRedirect(
				(new CUrl('zabbix.php'))->setArgument('action', 'userrole.edit')
			);
			CMessageHelper::setErrorTitle(_('Cannot create user role'));
			$response->setFormData($this->getInputAll());
		}

		$this->setResponse($response);
	}
}
zabbix6.0 1 year ago			`<?php declare(strict_types = 0);`
			`/*`
			`** Zabbix`
			`** Copyright (C) 2001-2023 Zabbix SIA`
			`**`
			`** This program is free software; you can redistribute it and/or modify`
			`** it under the terms of the GNU General Public License as published by`
			`** the Free Software Foundation; either version 2 of the License, or`
			`** (at your option) any later version.`
			`**`
			`** This program is distributed in the hope that it will be useful,`
			`** but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`** GNU General Public License for more details.`
			`**`
			`** You should have received a copy of the GNU General Public License`
			`** along with this program; if not, write to the Free Software`
			`** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.`
			`**/`


			`/**`
			`* Class containing operations with userrole create form.`
			`*/`
			`class CControllerUserroleCreate extends CControllerUserroleEditGeneral {`

			`protected function checkInput(): bool {`
			`$fields = [`
			`'name' => 'required\|not_empty\|db role.name',`
			`'type' => 'required\|in '.implode(',', [USER_TYPE_ZABBIX_USER, USER_TYPE_ZABBIX_ADMIN, USER_TYPE_SUPER_ADMIN]),`
			`'ui_default_access' => 'required\|in 0,1',`
			`'modules_default_access' => 'required\|in 0,1',`
			`'actions_default_access' => 'required\|in 0,1',`
			`'api_access' => 'required\|in 0,1',`
			`'ui_monitoring_dashboard' => 'in 0,1',`
			`'ui_monitoring_problems' => 'in 0,1',`
			`'ui_monitoring_hosts' => 'in 0,1',`
			`'ui_monitoring_latest_data' => 'in 0,1',`
			`'ui_monitoring_maps' => 'in 0,1',`
			`'ui_monitoring_discovery' => 'in 0,1',`
			`'ui_services_services' => 'in 0,1',`
			`'ui_services_sla' => 'in 0,1',`
			`'ui_services_sla_report' => 'in 0,1',`
			`'ui_inventory_overview' => 'in 0,1',`
			`'ui_inventory_hosts' => 'in 0,1',`
			`'ui_reports_system_info' => 'in 0,1',`
			`'ui_reports_scheduled_reports' => 'in 0,1',`
			`'ui_reports_availability_report' => 'in 0,1',`
			`'ui_reports_top_triggers' => 'in 0,1',`
			`'ui_reports_audit' => 'in 0,1',`
			`'ui_reports_action_log' => 'in 0,1',`
			`'ui_reports_notifications' => 'in 0,1',`
			`'ui_configuration_template_groups' => 'in 0,1',`
			`'ui_configuration_host_groups' => 'in 0,1',`
			`'ui_configuration_templates' => 'in 0,1',`
			`'ui_configuration_hosts' => 'in 0,1',`
			`'ui_configuration_maintenance' => 'in 0,1',`
			`'ui_configuration_trigger_actions' => 'in 0,1',`
			`'ui_configuration_service_actions' => 'in 0,1',`
			`'ui_configuration_discovery_actions' => 'in 0,1',`
			`'ui_configuration_autoregistration_actions' => 'in 0,1',`
			`'ui_configuration_internal_actions' => 'in 0,1',`
			`'ui_configuration_event_correlation' => 'in 0,1',`
			`'ui_configuration_discovery' => 'in 0,1',`
			`'ui_administration_general' => 'in 0,1',`
			`'ui_administration_audit_log' => 'in 0,1',`
			`'ui_administration_housekeeping' => 'in 0,1',`
			`'ui_administration_proxies' => 'in 0,1',`
			`'ui_administration_macros' => 'in 0,1',`
			`'ui_administration_authentication' => 'in 0,1',`
			`'ui_administration_user_groups' => 'in 0,1',`
			`'ui_administration_user_roles' => 'in 0,1',`
			`'ui_administration_users' => 'in 0,1',`
			`'ui_administration_api_tokens' => 'in 0,1',`
			`'ui_administration_media_types' => 'in 0,1',`
			`'ui_administration_scripts' => 'in 0,1',`
			`'ui_administration_queue' => 'in 0,1',`
			`'actions_edit_dashboards' => 'in 0,1',`
			`'actions_edit_maps' => 'in 0,1',`
			`'actions_edit_maintenance' => 'in 0,1',`
			`'actions_acknowledge_problems' => 'in 0,1',`
			`'actions_close_problems' => 'in 0,1',`
			`'actions_suppress_problems' => 'in 0,1',`
			`'actions_change_severity' => 'in 0,1',`
			`'actions_add_problem_comments' => 'in 0,1',`
			`'actions_execute_scripts' => 'in 0,1',`
			`'actions_manage_api_tokens' => 'in 0,1',`
			`'actions_manage_scheduled_reports' => 'in 0,1',`
			`'actions_manage_sla' => 'in 0,1',`
			`'actions_invoke_execute_now' => 'in 0,1',`
			`'actions_change_problem_ranking' => 'in 0,1',`
			`'modules' => 'array',`
			`'api_mode' => 'in '.implode(',', [ZBX_ROLE_RULE_API_MODE_DENY, ZBX_ROLE_RULE_API_MODE_ALLOW]),`
			`'api_methods' => 'array',`
			`'service_read_access' => 'in '.implode(',', [CRoleHelper::SERVICES_ACCESS_NONE, CRoleHelper::SERVICES_ACCESS_ALL, CRoleHelper::SERVICES_ACCESS_LIST]),`
			`'service_read_list' => 'array_db services.serviceid',`
			`'service_read_tag_tag' => 'string',`
			`'service_read_tag_value' => 'string',`
			`'service_write_access' => 'in '.implode(',', [CRoleHelper::SERVICES_ACCESS_NONE, CRoleHelper::SERVICES_ACCESS_ALL, CRoleHelper::SERVICES_ACCESS_LIST]),`
			`'service_write_list' => 'array_db services.serviceid',`
			`'service_write_tag_tag' => 'string',`
			`'service_write_tag_value' => 'string',`
			`'form_refresh' => 'int32'`
			`];`

			`$ret = $this->validateInput($fields);`
			`$error = $this->getValidationError();`

			`if (!$ret) {`
			`switch ($error) {`
			`case self::VALIDATION_ERROR:`
			`$response = new CControllerResponseRedirect('zabbix.php?action=userrole.edit');`
			`$response->setFormData($this->getInputAll());`
			`CMessageHelper::setErrorTitle(_('Cannot create user role'));`
			`$this->setResponse($response);`
			`break;`

			`case self::VALIDATION_FATAL_ERROR:`
			`$this->setResponse(new CControllerResponseFatal());`
			`break;`
			`}`
			`}`

			`return $ret;`
			`}`

			`protected function checkPermissions(): bool {`
			`if (!$this->checkAccess(CRoleHelper::UI_ADMINISTRATION_USER_ROLES)) {`
			`return false;`
			`}`

			`return true;`
			`}`

			`/**`
			`* @throws APIException`
			`*/`
			`protected function doAction(): void {`
			`$role = [`
			`'name' => trim($this->getInput('name')),`
			`'type' => $this->getInput('type')`
			`];`

			`$role['rules'] = $this->getRulesInput((int) $role['type']);`

			`$result = API::Role()->create($role);`

			`if ($result) {`
			`$response = new CControllerResponseRedirect(`
			`(new CUrl('zabbix.php'))`
			`->setArgument('action', 'userrole.list')`
			`->setArgument('page', CPagerHelper::loadPage('userrole.list', null))`
			`);`
			`$response->setFormData(['uncheck' => '1']);`
			`CMessageHelper::setSuccessTitle(_('User role created'));`
			`}`
			`else {`
			`$response = new CControllerResponseRedirect(`
			`(new CUrl('zabbix.php'))->setArgument('action', 'userrole.edit')`
			`);`
			`CMessageHelper::setErrorTitle(_('Cannot create user role'));`
			`$response->setFormData($this->getInputAll());`
			`}`

			`$this->setResponse($response);`
			`}`
			`}`