mirror of
https://github.com/librenms/librenms.git
synced 2024-09-21 10:28:13 +00:00
Device group based access (#10568)
* Device group based access * Use Permissions class to resolve permissions Also give port access based on device access * Convert more pages to use Permissions class * shorten config setting name use Eloquent relationships in several places alphabetize config_definitions.json * Change Models and Permissions * Clean up ajax_search LIMIT sql * Convert more pages to use Permissions class Co-authored-by: Tony Murray <murraytony@gmail.com>
This commit is contained in:
parent
1998b8dd00
commit
b361710148
@ -144,6 +144,7 @@ class MysqlAuthorizer extends AuthorizerBase
|
||||
// could be used on cli, use Eloquent helper
|
||||
Eloquent::DB()->table('bill_perms')->where('user_id', $user_id)->delete();
|
||||
Eloquent::DB()->table('devices_perms')->where('user_id', $user_id)->delete();
|
||||
Eloquent::DB()->table('devices_group_perms')->where('user_id', $user_id)->delete();
|
||||
Eloquent::DB()->table('ports_perms')->where('user_id', $user_id)->delete();
|
||||
Eloquent::DB()->table('users_prefs')->where('user_id', $user_id)->delete();
|
||||
|
||||
|
@ -545,13 +545,8 @@ class IRCBot
|
||||
$this->user['level'] = LegacyAuth::get()->getUserlevel($user['username']);
|
||||
$this->user['expire'] = (time() + ($this->config['irc_authtime'] * 3600));
|
||||
if ($this->user['level'] < 5) {
|
||||
foreach (dbFetchRows('SELECT device_id FROM devices_perms WHERE user_id = ?', array($this->user['id'])) as $tmp) {
|
||||
$this->user['devices'][] = $tmp['device_id'];
|
||||
}
|
||||
|
||||
foreach (dbFetchRows('SELECT port_id FROM ports_perms WHERE user_id = ?', array($this->user['id'])) as $tmp) {
|
||||
$this->user['ports'][] = $tmp['port_id'];
|
||||
}
|
||||
$this->user['devices'] = Permissions::devicesForUser($this->user['id'])->toArray();
|
||||
$this->user['ports'] = Permissions::portsForUser($this->user['id'])->toArray();
|
||||
}
|
||||
if ($this->debug) {
|
||||
$this->log("HostAuth on irc for '".$user['username']."', ID: '".$user_id."', Host: '".$host);
|
||||
@ -581,13 +576,8 @@ class IRCBot
|
||||
$tmp = LegacyAuth::get()->getUserlevel($tmp_user['username']);
|
||||
$this->user['level'] = $tmp;
|
||||
if ($this->user['level'] < 5) {
|
||||
foreach (dbFetchRows('SELECT device_id FROM devices_perms WHERE user_id = ?', array($this->user['id'])) as $tmp) {
|
||||
$this->user['devices'][] = $tmp['device_id'];
|
||||
}
|
||||
|
||||
foreach (dbFetchRows('SELECT port_id FROM ports_perms WHERE user_id = ?', array($this->user['id'])) as $tmp) {
|
||||
$this->user['ports'][] = $tmp['port_id'];
|
||||
}
|
||||
$this->user['devices'] = Permissions::devicesForUser($this->user['id'])->toArray();
|
||||
$this->user['ports'] = Permissions::portsForUser($this->user['id'])->toArray();
|
||||
}
|
||||
|
||||
return $this->respond('Authenticated.');
|
||||
|
@ -31,6 +31,7 @@ use App\Models\Port;
|
||||
use App\Models\User;
|
||||
use Auth;
|
||||
use DB;
|
||||
use LibreNMS\Config;
|
||||
|
||||
class Permissions
|
||||
{
|
||||
@ -140,7 +141,7 @@ class Permissions
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a list of port_id of all ports the user can access
|
||||
* Get a list of port_id of all ports the user can access directly
|
||||
*
|
||||
* @param User|int $user
|
||||
* @return \Illuminate\Support\Collection
|
||||
@ -153,7 +154,7 @@ class Permissions
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a list of bill_id of all bills the user can access
|
||||
* Get a list of bill_id of all bills the user can access directly
|
||||
*
|
||||
* @param User|int $user
|
||||
* @return \Illuminate\Support\Collection
|
||||
@ -193,7 +194,9 @@ class Permissions
|
||||
public function getDevicePermissions()
|
||||
{
|
||||
if (is_null($this->devicePermissions)) {
|
||||
$this->devicePermissions = DB::table('devices_perms')->get();
|
||||
$this->devicePermissions = DB::table('devices_perms')
|
||||
->union($this->getDeviceGroupPermissionsQuery())
|
||||
->get();
|
||||
}
|
||||
|
||||
return $this->devicePermissions;
|
||||
@ -262,4 +265,19 @@ class Permissions
|
||||
{
|
||||
return $bill instanceof Bill ? $bill->bill_id : (is_numeric($bill) ? (int)$bill : 0);
|
||||
}
|
||||
|
||||
/**
|
||||
* @return \Illuminate\Database\Query\Builder
|
||||
*/
|
||||
public function getDeviceGroupPermissionsQuery()
|
||||
{
|
||||
return DB::table('devices_group_perms')
|
||||
->select('devices_group_perms.user_id', 'device_group_device.device_id')
|
||||
->join('device_group_device', 'device_group_device.device_group_id', '=', 'devices_group_perms.device_group_id')
|
||||
->when(!Config::get('permission.device_group.allow_dynamic'), function ($query) {
|
||||
return $query
|
||||
->join('device_groups', 'device_groups.id', '=', 'devices_group_perms.device_group_id')
|
||||
->where('device_groups.type', 'static');
|
||||
});
|
||||
}
|
||||
}
|
||||
|
@ -15,6 +15,7 @@ use LibreNMS\Util\IPv4;
|
||||
use LibreNMS\Util\IPv6;
|
||||
use LibreNMS\Util\Url;
|
||||
use LibreNMS\Util\Time;
|
||||
use Permissions;
|
||||
|
||||
class Device extends BaseModel
|
||||
{
|
||||
@ -284,9 +285,7 @@ class Device extends BaseModel
|
||||
return true;
|
||||
}
|
||||
|
||||
return DB::table('devices_perms')
|
||||
->where('user_id', $user->user_id)
|
||||
->where('device_id', $this->device_id)->exists();
|
||||
return Permissions::canAccessDevice($this->device_id, $user->user_id);
|
||||
}
|
||||
|
||||
public function formatUptime($short = false)
|
||||
|
@ -149,4 +149,9 @@ class DeviceGroup extends BaseModel
|
||||
{
|
||||
return $this->belongsToMany('App\Models\Service', 'device_group_device', 'device_group_id', 'device_id');
|
||||
}
|
||||
|
||||
public function users()
|
||||
{
|
||||
return $this->belongsToMany('App\Models\User', 'devices_group_perms', 'device_group_id', 'user_id');
|
||||
}
|
||||
}
|
||||
|
@ -5,6 +5,7 @@ namespace App\Models;
|
||||
use DB;
|
||||
use Illuminate\Database\Eloquent\Builder;
|
||||
use LibreNMS\Util\Rewrite;
|
||||
use Permissions;
|
||||
|
||||
class Port extends DeviceRelatedModel
|
||||
{
|
||||
@ -62,7 +63,7 @@ class Port extends DeviceRelatedModel
|
||||
/**
|
||||
* Check if user can access this port.
|
||||
*
|
||||
* @param User $user
|
||||
* @param User|int $user
|
||||
* @return bool
|
||||
*/
|
||||
public function canAccess($user)
|
||||
@ -75,15 +76,7 @@ class Port extends DeviceRelatedModel
|
||||
return true;
|
||||
}
|
||||
|
||||
$port_query = DB::table('ports_perms')
|
||||
->where('user_id', $user->user_id)
|
||||
->where('port_id', $this->port_id);
|
||||
|
||||
$device_query = DB::table('devices_perms')
|
||||
->where('user_id', $user->user_id)
|
||||
->where('device_id', $this->device_id);
|
||||
|
||||
return $port_query->union($device_query)->exists();
|
||||
return Permissions::canAccessDevice($this->device_id, $user) || Permissions::canAccessPort($this->port_id, $user);
|
||||
}
|
||||
|
||||
// ---- Accessors/Mutators ----
|
||||
|
@ -7,6 +7,7 @@ use Illuminate\Database\Eloquent\Builder;
|
||||
use Illuminate\Foundation\Auth\User as Authenticatable;
|
||||
use Illuminate\Notifications\Notifiable;
|
||||
use LibreNMS\Authentication\LegacyAuth;
|
||||
use Permissions;
|
||||
|
||||
class User extends Authenticatable
|
||||
{
|
||||
@ -83,7 +84,7 @@ class User extends Authenticatable
|
||||
*/
|
||||
public function canAccessDevice($device)
|
||||
{
|
||||
return $this->hasGlobalRead() || $this->devices->contains($device);
|
||||
return $this->hasGlobalRead() || Permissions::canAccessDevice($device, $this->user_id);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -163,6 +164,15 @@ class User extends Authenticatable
|
||||
$this->attributes['enabled'] = $enable ? 1 : 0;
|
||||
}
|
||||
|
||||
public function getDevicesAttribute()
|
||||
{
|
||||
// pseudo relation
|
||||
if (!array_key_exists('devices', $this->relations)) {
|
||||
$this->setRelation('devices', $this->devices()->get());
|
||||
}
|
||||
return $this->getRelation('devices');
|
||||
}
|
||||
|
||||
// ---- Define Relationships ----
|
||||
|
||||
public function apiToken()
|
||||
@ -172,11 +182,15 @@ class User extends Authenticatable
|
||||
|
||||
public function devices()
|
||||
{
|
||||
if ($this->hasGlobalRead()) {
|
||||
return Device::query();
|
||||
} else {
|
||||
return $this->belongsToMany('App\Models\Device', 'devices_perms', 'user_id', 'device_id');
|
||||
}
|
||||
// pseudo relation
|
||||
return Device::query()->when(!$this->hasGlobalRead(), function ($query) {
|
||||
return $query->whereIn('device_id', Permissions::devicesForUser($this));
|
||||
});
|
||||
}
|
||||
|
||||
public function deviceGroups()
|
||||
{
|
||||
return $this->belongsToMany('App\Models\DeviceGroup', 'devices_group_perms', 'user_id', 'device_group_id');
|
||||
}
|
||||
|
||||
public function ports()
|
||||
|
@ -23,7 +23,7 @@ return [
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| User
|
||||
| Group
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| This value is the group LibreNMS runs as. It is used to secure permissions
|
||||
|
@ -0,0 +1,32 @@
|
||||
<?php
|
||||
|
||||
use Illuminate\Support\Facades\Schema;
|
||||
use Illuminate\Database\Schema\Blueprint;
|
||||
use Illuminate\Database\Migrations\Migration;
|
||||
|
||||
class DevicesGroupPerms extends Migration
|
||||
{
|
||||
/**
|
||||
* Run the migrations.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function up()
|
||||
{
|
||||
Schema::create('devices_group_perms', function (Blueprint $table) {
|
||||
$table->unsignedInteger('user_id')->index();
|
||||
$table->unsignedInteger('device_group_id')->index();
|
||||
$table->primary(['device_group_id','user_id']);
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Reverse the migrations.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function down()
|
||||
{
|
||||
Schema::dropIfExists('devices_group_perms');
|
||||
}
|
||||
}
|
@ -20,6 +20,14 @@ if (isset($_REQUEST['search'])) {
|
||||
if (strlen($search) > 0) {
|
||||
$found = 0;
|
||||
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$perms_sql = "`D`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
} else {
|
||||
$device_ids = [];
|
||||
$perms_sql = "1";
|
||||
}
|
||||
|
||||
if ($_REQUEST['type'] == 'group') {
|
||||
foreach (dbFetchRows("SELECT id,name FROM device_groups WHERE name LIKE ?", ["%$search%"]) as $group) {
|
||||
if ($_REQUEST['map']) {
|
||||
@ -43,13 +51,13 @@ if (isset($_REQUEST['search'])) {
|
||||
// Device search
|
||||
if (Auth::user()->hasGlobalRead()) {
|
||||
$results = dbFetchRows(
|
||||
"SELECT * FROM `devices` LEFT JOIN `locations` ON `locations`.`id` = `devices`.`location_id` WHERE `devices`.`hostname` LIKE ? OR `locations`.`location` LIKE ? OR `devices`.`sysName` LIKE ? OR `devices`.`purpose` LIKE ? OR `devices`.`notes` LIKE ? ORDER BY `devices`.hostname LIMIT " . $limit,
|
||||
["%$search%", "%$search%", "%$search%", "%$search%", "%$search%"]
|
||||
"SELECT * FROM `devices` LEFT JOIN `locations` ON `locations`.`id` = `devices`.`location_id` WHERE `devices`.`hostname` LIKE ? OR `locations`.`location` LIKE ? OR `devices`.`sysName` LIKE ? OR `devices`.`purpose` LIKE ? OR `devices`.`notes` LIKE ? ORDER BY `devices`.hostname LIMIT ?",
|
||||
["%$search%", "%$search%", "%$search%", "%$search%", "%$search%", $limit]
|
||||
);
|
||||
} else {
|
||||
$results = dbFetchRows(
|
||||
"SELECT * FROM `devices` AS `D` INNER JOIN `devices_perms` AS `P` ON `P`.`device_id` = `D`.`device_id` LEFT JOIN `locations` ON `locations`.`id` = `D`.`location_id` WHERE `P`.`user_id` = ? AND (D.`hostname` LIKE ? OR D.`sysName` LIKE ? OR `locations`.`location` LIKE ?) ORDER BY hostname LIMIT " . $limit,
|
||||
[Auth::id(), "%$search%", "%$search%", "%$search%"]
|
||||
"SELECT * FROM `devices` AS `D` LEFT JOIN `locations` ON `locations`.`id` = `D`.`location_id` WHERE $perms_sql AND (D.`hostname` LIKE ? OR D.`sysName` LIKE ? OR `locations`.`location` LIKE ?) ORDER BY hostname LIMIT ?",
|
||||
array_merge($device_ids, ["%$search%", "%$search%", "%$search%", $limit])
|
||||
);
|
||||
}
|
||||
|
||||
@ -72,11 +80,8 @@ if (isset($_REQUEST['search'])) {
|
||||
$highlight_colour = '#008000';
|
||||
}
|
||||
|
||||
if (Auth::user()->hasGlobalRead()) {
|
||||
$num_ports = dbFetchCell('SELECT COUNT(*) FROM `ports` WHERE device_id = ?', [$result['device_id']]);
|
||||
} else {
|
||||
$num_ports = dbFetchCell('SELECT COUNT(*) FROM `ports` AS `I`, `devices` AS `D`, `devices_perms` AS `P` WHERE `P`.`user_id` = ? AND `P`.`device_id` = `D`.`device_id` AND `I`.`device_id` = `D`.`device_id` AND D.device_id = ?', [Auth::id(), $result['device_id']]);
|
||||
}
|
||||
$num_ports = dbFetchCell('SELECT COUNT(*) FROM `ports` AS `I`, `devices` AS `D` WHERE $perms_sql AND `I`.`device_id` = `D`.`device_id` AND D.device_id = ?', array_merge($device_ids, [$result['device_id']]));
|
||||
|
||||
|
||||
$device[] = array(
|
||||
'name' => $name,
|
||||
@ -99,13 +104,13 @@ if (isset($_REQUEST['search'])) {
|
||||
// Search ports
|
||||
if (Auth::user()->hasGlobalRead()) {
|
||||
$results = dbFetchRows(
|
||||
"SELECT `ports`.*,`devices`.* FROM `ports` LEFT JOIN `devices` ON `ports`.`device_id` = `devices`.`device_id` WHERE `ifAlias` LIKE ? OR `ifDescr` LIKE ? OR `ifName` LIKE ? ORDER BY ifDescr LIMIT ".$limit,
|
||||
["%$search%", "%$search%", "%$search%"]
|
||||
"SELECT `ports`.*,`devices`.* FROM `ports` LEFT JOIN `devices` ON `ports`.`device_id` = `devices`.`device_id` WHERE `ifAlias` LIKE ? OR `ifDescr` LIKE ? OR `ifName` LIKE ? ORDER BY ifDescr LIMIT ?",
|
||||
["%$search%", "%$search%", "%$search%", $limit]
|
||||
);
|
||||
} else {
|
||||
$results = dbFetchRows(
|
||||
"SELECT DISTINCT(`I`.`port_id`), `I`.*, `D`.`hostname` FROM `ports` AS `I`, `devices` AS `D`, `devices_perms` AS `P`, `ports_perms` AS `PP` WHERE ((`P`.`user_id` = ? AND `P`.`device_id` = `D`.`device_id`) OR (`PP`.`user_id` = ? AND `PP`.`port_id` = `I`.`port_id` AND `I`.`device_id` = `D`.`device_id`)) AND `D`.`device_id` = `I`.`device_id` AND (`ifAlias` LIKE ? OR `ifDescr` LIKE ? OR `ifName` LIKE ?) ORDER BY ifDescr LIMIT ".$limit,
|
||||
[Auth::id(), Auth::id(), "%$search%", "%$search%", "%$search%"]
|
||||
"SELECT DISTINCT(`I`.`port_id`), `I`.*, `D`.`hostname` FROM `ports` AS `I`, `devices` AS `D` WHERE $perms_sql AND `D`.`device_id` = `I`.`device_id` AND (`ifAlias` LIKE ? OR `ifDescr` LIKE ? OR `ifName` LIKE ?) ORDER BY ifDescr LIMIT ?",
|
||||
array_merge($device_ids, ["%$search%", "%$search%", "%$search%", $limit])
|
||||
);
|
||||
}
|
||||
|
||||
@ -149,17 +154,10 @@ if (isset($_REQUEST['search'])) {
|
||||
die($json);
|
||||
} elseif ($_REQUEST['type'] == 'bgp') {
|
||||
// Search bgp peers
|
||||
if (Auth::user()->hasGlobalRead()) {
|
||||
$results = dbFetchRows(
|
||||
"SELECT `bgpPeers`.*,`devices`.* FROM `bgpPeers` LEFT JOIN `devices` ON `bgpPeers`.`device_id` = `devices`.`device_id` WHERE `astext` LIKE ? OR `bgpPeerIdentifier` LIKE ? OR `bgpPeerRemoteAs` LIKE ? ORDER BY `astext` LIMIT " . $limit,
|
||||
["%$search%", "%$search%", "%$search%"]
|
||||
);
|
||||
} else {
|
||||
$results = dbFetchRows(
|
||||
"SELECT `bgpPeers`.*,`D`.* FROM `bgpPeers`, `devices` AS `D`, `devices_perms` AS `P` WHERE `P`.`user_id` = ? AND `P`.`device_id` = `D`.`device_id` AND `bgpPeers`.`device_id`=`D`.`device_id` AND (`astext` LIKE ? OR `bgpPeerIdentifier` LIKE ? OR `bgpPeerRemoteAs` LIKE ?) ORDER BY `astext` LIMIT ".$limit,
|
||||
[Auth::id(), "%$search%", "%$search%", "%$search%"]
|
||||
);
|
||||
}
|
||||
$results = dbFetchRows(
|
||||
"SELECT `bgpPeers`.*,`D`.* FROM `bgpPeers`, `devices` AS `D` WHERE $perms_sql AND `bgpPeers`.`device_id`=`D`.`device_id` AND (`astext` LIKE ? OR `bgpPeerIdentifier` LIKE ? OR `bgpPeerRemoteAs` LIKE ?) ORDER BY `astext` LIMIT ?",
|
||||
array_merge($device_ids, ["%$search%", "%$search%", "%$search%", $limit])
|
||||
);
|
||||
|
||||
if (count($results)) {
|
||||
$found = 1;
|
||||
@ -205,17 +203,11 @@ if (isset($_REQUEST['search'])) {
|
||||
die($json);
|
||||
} elseif ($_REQUEST['type'] == 'applications') {
|
||||
// Device search
|
||||
if (Auth::user()->hasGlobalRead()) {
|
||||
$results = dbFetchRows(
|
||||
"SELECT * FROM `applications` INNER JOIN `devices` ON devices.device_id = applications.device_id WHERE `app_type` LIKE ? OR `hostname` LIKE ? ORDER BY hostname LIMIT ".$limit,
|
||||
["%$search%", "%$search%"]
|
||||
);
|
||||
} else {
|
||||
$results = dbFetchRows(
|
||||
"SELECT * FROM `applications` INNER JOIN `devices` AS `D` ON `D`.`device_id` = `applications`.`device_id` INNER JOIN `devices_perms` AS `P` ON `P`.`device_id` = `D`.`device_id` WHERE `P`.`user_id` = ? AND (`app_type` LIKE ? OR `hostname` LIKE ?) ORDER BY hostname LIMIT ".$limit,
|
||||
[Auth::id(), "%$search%", "%$search%"]
|
||||
);
|
||||
}
|
||||
$results = dbFetchRows(
|
||||
"SELECT * FROM `applications` INNER JOIN `devices` AS `D` ON `D`.`device_id` = `applications`.`device_id` WHERE $perms_sql AND (`app_type` LIKE ? OR `hostname` LIKE ?) ORDER BY hostname LIMIT ?",
|
||||
array_merge($device_ids, ["%$search%", "%$search%", $limit])
|
||||
);
|
||||
|
||||
|
||||
if (count($results)) {
|
||||
$found = 1;
|
||||
@ -252,17 +244,11 @@ if (isset($_REQUEST['search'])) {
|
||||
die($json);
|
||||
} elseif ($_REQUEST['type'] == 'munin') {
|
||||
// Device search
|
||||
if (Auth::user()->hasGlobalRead()) {
|
||||
$results = dbFetchRows(
|
||||
"SELECT * FROM `munin_plugins` INNER JOIN `devices` ON devices.device_id = munin_plugins.device_id WHERE `mplug_type` LIKE ? OR `mplug_title` LIKE ? OR `hostname` LIKE ? ORDER BY hostname LIMIT ".$limit,
|
||||
["%$search%", "%$search%", "%$search%"]
|
||||
);
|
||||
} else {
|
||||
$results = dbFetchRows(
|
||||
"SELECT * FROM `munin_plugins` INNER JOIN `devices` AS `D` ON `D`.`device_id` = `munin_plugins`.`device_id` INNER JOIN `devices_perms` AS `P` ON `P`.`device_id` = `D`.`device_id` WHERE `P`.`user_id` = ? AND (`mplug_type` LIKE ? OR `mplug_title` LIKE ? OR `hostname` LIKE ?) ORDER BY hostname LIMIT ".$limit,
|
||||
[Auth::id(), "%$search%", "%$search%", "%$search%"]
|
||||
);
|
||||
}
|
||||
$results = dbFetchRows(
|
||||
"SELECT * FROM `munin_plugins` INNER JOIN `devices` AS `D` ON `D`.`device_id` = `munin_plugins`.`device_id` WHERE $perms_sql AND (`mplug_type` LIKE ? OR `mplug_title` LIKE ? OR `hostname` LIKE ?) ORDER BY hostname LIMIT ?",
|
||||
array_merge($device_ids, ["%$search%", "%$search%", "%$search%", $limit])
|
||||
);
|
||||
|
||||
|
||||
if (count($results)) {
|
||||
$found = 1;
|
||||
@ -299,17 +285,11 @@ if (isset($_REQUEST['search'])) {
|
||||
die($json);
|
||||
} elseif ($_REQUEST['type'] == 'iftype') {
|
||||
// Device search
|
||||
if (Auth::user()->hasGlobalRead()) {
|
||||
$results = dbFetchRows(
|
||||
"SELECT `ports`.ifType FROM `ports` WHERE `ifType` LIKE ? GROUP BY ifType ORDER BY ifType LIMIT ".$limit,
|
||||
["%$search%"]
|
||||
);
|
||||
} else {
|
||||
$results = dbFetchRows(
|
||||
"SELECT `I`.ifType FROM `ports` AS `I`, `devices` AS `D`, `devices_perms` AS `P`, `ports_perms` AS `PP` WHERE ((`P`.`user_id` = ? AND `P`.`device_id` = `D`.`device_id`) OR (`PP`.`user_id` = ? AND `PP`.`port_id` = `I`.`port_id` AND `I`.`device_id` = `D`.`device_id`)) AND `D`.`device_id` = `I`.`device_id` AND (`ifType` LIKE ?) GROUP BY ifType ORDER BY ifType LIMIT ".$limit,
|
||||
[Auth::id(), Auth::id(), "%$search%"]
|
||||
);
|
||||
}
|
||||
$results = dbFetchRows(
|
||||
"SELECT `ports`.ifType FROM `ports` WHERE $perms_sql AND `ifType` LIKE ? GROUP BY ifType ORDER BY ifType LIMIT ?",
|
||||
array_merge($device_ids, ["%$search%", $limit])
|
||||
);
|
||||
|
||||
if (count($results)) {
|
||||
$found = 1;
|
||||
$devices = count($results);
|
||||
@ -327,13 +307,13 @@ if (isset($_REQUEST['search'])) {
|
||||
// Device search
|
||||
if (Auth::user()->hasGlobalRead()) {
|
||||
$results = dbFetchRows(
|
||||
"SELECT `bills`.bill_id, `bills`.bill_name FROM `bills` WHERE `bill_name` LIKE ? OR `bill_notes` LIKE ? LIMIT ".$limit,
|
||||
["%$search%", "%$search%"]
|
||||
"SELECT `bills`.bill_id, `bills`.bill_name FROM `bills` WHERE `bill_name` LIKE ? OR `bill_notes` LIKE ? LIMIT ?",
|
||||
["%$search%", "%$search%", $limit]
|
||||
);
|
||||
} else {
|
||||
$results = dbFetchRows(
|
||||
"SELECT `bills`.bill_id, `bills`.bill_name FROM `bills` INNER JOIN `bill_perms` ON `bills`.bill_id = `bill_perms`.bill_id WHERE `bill_perms`.user_id = ? AND (`bill_name` LIKE ? OR `bill_notes` LIKE ?) LIMIT ".$limit,
|
||||
[Auth::id(), "%$search%", "%$search%"]
|
||||
"SELECT `bills`.bill_id, `bills`.bill_name FROM `bills` INNER JOIN `bill_perms` ON `bills`.bill_id = `bill_perms`.bill_id WHERE `bill_perms`.user_id = ? AND (`bill_name` LIKE ? OR `bill_notes` LIKE ?) LIMIT ?",
|
||||
[Auth::id(), "%$search%", "%$search%", $limit]
|
||||
);
|
||||
}
|
||||
$json = json_encode($results);
|
||||
|
File diff suppressed because one or more lines are too long
@ -2,11 +2,11 @@
|
||||
"/js/app.js": "/js/app.js?id=d074dd82ac08dba78c44",
|
||||
"/css/app.css": "/css/app.css?id=17e56994706c74ee9663",
|
||||
"/js/manifest.js": "/js/manifest.js?id=3c768977c2574a34506e",
|
||||
"/js/vendor.js": "/js/vendor.js?id=00c1d21ecfea78860e09",
|
||||
"/js/lang/de.js": "/js/lang/de.js?id=e0623715e8df0895188b",
|
||||
"/js/lang/en.js": "/js/lang/en.js?id=116363543952443ac4cb",
|
||||
"/js/lang/fr.js": "/js/lang/fr.js?id=2d1159debd99a1909f12",
|
||||
"/js/lang/ru.js": "/js/lang/ru.js?id=b007ddce75134acbe635",
|
||||
"/js/lang/uk.js": "/js/lang/uk.js?id=146819d3cf1dfb16672d",
|
||||
"/js/lang/zh-TW.js": "/js/lang/zh-TW.js?id=f57574a3892e5990ecbc"
|
||||
"/js/vendor.js": "/js/vendor.js?id=8903cec9b99453318869",
|
||||
"/js/lang/de.js": "/js/lang/de.js?id=04de715032d1fe1584d9",
|
||||
"/js/lang/en.js": "/js/lang/en.js?id=368d06aa81687a47cbdf",
|
||||
"/js/lang/fr.js": "/js/lang/fr.js?id=51f0ee3b59a7dace8913",
|
||||
"/js/lang/ru.js": "/js/lang/ru.js?id=d1a4a7e38c1e19a9f35f",
|
||||
"/js/lang/uk.js": "/js/lang/uk.js?id=a4f38c7e0cfec6593e8e",
|
||||
"/js/lang/zh-TW.js": "/js/lang/zh-TW.js?id=d973da2eac4a300af36d"
|
||||
}
|
||||
|
@ -3,8 +3,11 @@
|
||||
if (Auth::user()->hasGlobalRead()) {
|
||||
$data['active_count'] = array('query' => 'SELECT COUNT(`alerts`.`id`) FROM `alerts` LEFT JOIN `devices` ON `alerts`.`device_id`=`devices`.`device_id` RIGHT JOIN `alert_rules` ON `alerts`.`rule_id`=`alert_rules`.`id` WHERE 1 AND `alerts`.`state` NOT IN (0,2) AND `devices`.`disabled` = 0 AND `devices`.`ignore` = 0');
|
||||
} else {
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$perms_sql = "`D`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
|
||||
$data['active_count'] = array(
|
||||
'query' => 'SELECT COUNT(`alerts`.`id`) FROM `alerts` LEFT JOIN `devices` ON `alerts`.`device_id`=`devices`.`device_id` LEFT JOIN `devices_perms` AS `DP` ON `devices`.`device_id` = `DP`.`device_id` RIGHT JOIN `alert_rules` ON `alerts`.`rule_id`=`alert_rules`.`id` WHERE 1 AND `alerts`.`state` NOT IN (0,2) AND `devices`.`disabled` = 0 AND `devices`.`ignore` = 0 AND `DP`.`user_id`=?',
|
||||
'params' => array(Auth::id()),
|
||||
'query' => 'SELECT COUNT(`alerts`.`id`) FROM `alerts` LEFT JOIN `devices` ON `alerts`.`device_id`=`devices`.`device_id` RIGHT JOIN `alert_rules` ON `alerts`.`rule_id`=`alert_rules`.`id` WHERE $perms_sql AND `alerts`.`state` NOT IN (0,2) AND `devices`.`disabled` = 0 AND `devices`.`ignore` = 0',
|
||||
'params' => $device_ids
|
||||
);
|
||||
}
|
||||
|
@ -11,28 +11,31 @@ if (Auth::user()->hasGlobalRead()) {
|
||||
|
||||
$data['disabled'] = array('query' => "SELECT COUNT(*) FROM devices WHERE `disabled` = '1'");
|
||||
} else {
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$perms_sql = "`D`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
|
||||
$data['count'] = array(
|
||||
'query' => 'SELECT COUNT(*) FROM devices AS D, devices_perms AS P WHERE P.`user_id` = ? AND P.`device_id` = D.`device_id`',
|
||||
'params' => array(Auth::id()),
|
||||
'query' => 'SELECT COUNT(*) FROM devices AS D WHERE $perms_sql',
|
||||
'params' => $device_ids
|
||||
);
|
||||
|
||||
$data['up'] = array(
|
||||
'query' => "SELECT COUNT(*) FROM devices AS D, devices_perms AS P WHERE P.`user_id` = ? AND P.`device_id` = D.`device_id` AND D.`status` = '1' AND D.`ignore` = '0' AND D.`disabled` = '0'",
|
||||
'params' => array(Auth::id()),
|
||||
'query' => "SELECT COUNT(*) FROM devices AS D WHERE $perms_sql AND D.`status` = '1' AND D.`ignore` = '0' AND D.`disabled` = '0'",
|
||||
'params' => $device_ids
|
||||
);
|
||||
|
||||
$data['down'] = array(
|
||||
'query' => "SELECT COUNT(*) FROM devices AS D, devices_perms AS P WHERE P.`user_id` = ? AND P.`device_id` = D.`device_id` AND D.`status` = '0' AND D.`ignore` = '0' AND D.`disabled` = '0'",
|
||||
'params' => array(Auth::id()),
|
||||
'query' => "SELECT COUNT(*) FROM devices AS D WHERE $perms_sql AND D.`status` = '0' AND D.`ignore` = '0' AND D.`disabled` = '0'",
|
||||
'params' => $device_ids
|
||||
);
|
||||
|
||||
$data['ignored'] = array(
|
||||
'query' => "SELECT COUNT(*) FROM devices AS D, devices_perms AS P WHERE P.`user_id` = ? AND P.`device_id` = D.`device_id` AND D.`ignore` = '1' AND D.`disabled` = '0'",
|
||||
'params' => array(Auth::id()),
|
||||
'query' => "SELECT COUNT(*) FROM devices AS D WHERE $perms_sql AND D.`ignore` = '1' AND D.`disabled` = '0'",
|
||||
'params' => $device_ids
|
||||
);
|
||||
|
||||
$data['disabled'] = array(
|
||||
'query' => "SELECT COUNT(*) FROM devices AS D, devices_perms AS P WHERE P.`user_id` = ? AND P.`device_id` = D.`device_id` AND D.`disabled` = '1'",
|
||||
'params' => array(Auth::id()),
|
||||
'query' => "SELECT COUNT(*) FROM devices AS D WHERE $perms_sql AND D.`disabled` = '1'",
|
||||
'params' => $device_ids
|
||||
);
|
||||
}//end if
|
||||
|
@ -13,33 +13,36 @@ if (Auth::user()->hasGlobalRead()) {
|
||||
|
||||
$data['ignored'] = array('query' => "SELECT COUNT(*) FROM ports AS I, devices AS D WHERE I.`deleted` = '0' AND D.`device_id` = I.`device_id` AND (I.`ignore` = '1' OR D.`ignore` = '1')");
|
||||
} else {
|
||||
$device_ids = Permissions::portsForUser()->toArray() ?: [0];
|
||||
$perms_sql = "`I`.`port_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
|
||||
$data['count'] = array(
|
||||
'query' => "SELECT COUNT(*) FROM ports AS I, devices AS D, devices_perms AS P WHERE I.`deleted` = '0' AND P.`user_id` = ? AND P.`device_id` = D.`device_id` AND I.`device_id` = D.`device_id`",
|
||||
'params' => array(Auth::id()),
|
||||
'query' => "SELECT COUNT(*) FROM ports AS I WHERE $perms_sql AND I.`deleted` = '0'",
|
||||
'params' => $device_ids
|
||||
);
|
||||
|
||||
$data['up'] = array(
|
||||
'query' => "SELECT COUNT(*) FROM ports AS I, devices AS D, devices_perms AS P WHERE I.`deleted` = '0' AND P.`user_id` = ? AND P.`device_id` = D.`device_id` AND I.`device_id` = D.`device_id` AND I.`ignore` = '0' AND D.`ignore` = '0' AND I.`ifOperStatus` = 'up'",
|
||||
'params' => array(Auth::id()),
|
||||
'query' => "SELECT COUNT(*) FROM ports AS I, devices AS D WHERE $perms_sql AND I.`deleted` = '0' AND I.`device_id` = D.`device_id` AND I.`ignore` = '0' AND D.`ignore` = '0' AND I.`ifOperStatus` = 'up'",
|
||||
'params' => $device_ids
|
||||
);
|
||||
|
||||
$data['down'] = array(
|
||||
'query' => "SELECT COUNT(*) FROM ports AS I, devices AS D, devices_perms AS P WHERE I.`deleted` = '0' AND P.`user_id` = ? AND P.`device_id` = D.`device_id` AND I.`device_id` = D.`device_id` AND I.`ignore` = '0' AND D.`ignore` = '0' AND I.`ifOperStatus` = 'down' AND I.`ifAdminStatus` = 'up'",
|
||||
'params' => array(Auth::id()),
|
||||
'query' => "SELECT COUNT(*) FROM ports AS I, devices AS D WHERE $perms_sql AND I.`deleted` = '0' AND I.`device_id` = D.`device_id` AND I.`ignore` = '0' AND D.`ignore` = '0' AND I.`ifOperStatus` = 'down' AND I.`ifAdminStatus` = 'up'",
|
||||
'params' => $device_ids
|
||||
);
|
||||
|
||||
$data['shutdown'] = array(
|
||||
'query' => "SELECT COUNT(*) FROM ports AS I, devices AS D, devices_perms AS P WHERE I.`deleted` = '0' AND P.`user_id` = ? AND P.`device_id` = D.`device_id` AND I.`device_id` = D.`device_id` AND I.`ignore` = '0' AND D.`ignore` = '0' AND I.`ifAdminStatus` = 'down'",
|
||||
'params' => array(Auth::id()),
|
||||
'query' => "SELECT COUNT(*) FROM ports AS I, devices AS D WHERE $perms_sql AND I.`deleted` = '0' AND I.`device_id` = D.`device_id` AND I.`ignore` = '0' AND D.`ignore` = '0' AND I.`ifAdminStatus` = 'down'",
|
||||
'params' => $device_ids
|
||||
);
|
||||
|
||||
$data['errored'] = array(
|
||||
'query' => "SELECT COUNT(*) FROM ports AS I, devices AS D, devices_perms AS P WHERE I.`deleted` = '0' AND P.`user_id` = ? AND P.`device_id` = D.`device_id` AND I.`device_id` = D.`device_id` AND I.`ignore` = '0' AND D.`ignore` = '0' AND (I.`ifInErrors_delta` > '0' OR I.`ifOutErrors_delta` > '0')",
|
||||
'params' => array(Auth::id()),
|
||||
'query' => "SELECT COUNT(*) FROM ports AS I, devices AS D WHERE $perms_sql AND I.`deleted` = '0' AND I.`device_id` = D.`device_id` AND I.`ignore` = '0' AND D.`ignore` = '0' AND (I.`ifInErrors_delta` > '0' OR I.`ifOutErrors_delta` > '0')",
|
||||
'params' => $device_ids
|
||||
);
|
||||
|
||||
$data['ignored'] = array(
|
||||
'query' => "SELECT COUNT(*) FROM ports AS I, devices AS D, devices_perms AS P WHERE I.`deleted` = '0' AND P.`user_id` = ? AND P.`device_id` = D.`device_id` AND I.`device_id` = D.`device_id` AND (I.`ignore` = '1' OR D.`ignore` = '1')",
|
||||
'params' => array(Auth::id()),
|
||||
'query' => "SELECT COUNT(*) FROM ports AS I, devices AS D WHERE $perms_sql AND I.`deleted` = '0' AND I.`device_id` = D.`device_id` AND (I.`ignore` = '1' OR D.`ignore` = '1')",
|
||||
'params' => $device_ids
|
||||
);
|
||||
}//end if
|
||||
|
@ -7,28 +7,31 @@ if (Auth::user()->hasGlobalRead()) {
|
||||
$data['ignored'] = array( 'query' => "SELECT COUNT(*) FROM services WHERE `service_ignore` = '1' AND `service_disabled` = '0'");
|
||||
$data['disabled'] = array( 'query' => "SELECT COUNT(*) FROM services WHERE `service_disabled` = '1'");
|
||||
} else {
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$perms_sql = "`S`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
|
||||
$data['count'] = array(
|
||||
'query' => 'SELECT COUNT(*) FROM services AS S, devices AS D, devices_perms AS P WHERE P.`user_id` = ? AND P.`device_id` = D.`device_id` AND S.`device_id` = D.`device_id`',
|
||||
'params' => array(Auth::id()),
|
||||
'query' => 'SELECT COUNT(*) FROM services AS S WHERE $perms_sql',
|
||||
'params' => $device_ids
|
||||
);
|
||||
|
||||
$data['up'] = array(
|
||||
'query' => "SELECT COUNT(*) FROM services AS S, devices AS D, devices_perms AS P WHERE P.`user_id` = ? AND P.`device_id` = D.`device_id` AND S.`device_id` = D.`device_id` AND S.`service_ignore` = '0' AND S.`service_disabled` = '0' AND S.`service_status` = '0'",
|
||||
'params' => array(Auth::id()),
|
||||
'query' => "SELECT COUNT(*) FROM services AS S WHERE $perms_sql AND S.`service_ignore` = '0' AND S.`service_disabled` = '0' AND S.`service_status` = '0'",
|
||||
'params' => $device_ids
|
||||
);
|
||||
|
||||
$data['down'] = array(
|
||||
'query' => "SELECT COUNT(*) FROM services AS S, devices AS D, devices_perms AS P WHERE P.`user_id` = ? AND P.`device_id` = D.`device_id` AND S.`device_id` = D.`device_id` AND S.`service_ignore` = '0' AND S.`service_disabled` = '0' AND S.`service_status` = '2'",
|
||||
'params' => array(Auth::id()),
|
||||
'query' => "SELECT COUNT(*) FROM services AS S WHERE $perms_sql AND S.`service_ignore` = '0' AND S.`service_disabled` = '0' AND S.`service_status` = '2'",
|
||||
'params' => $device_ids
|
||||
);
|
||||
|
||||
$data['ignored'] = array(
|
||||
'query' => "SELECT COUNT(*) FROM services AS S, devices AS D, devices_perms AS P WHERE P.`user_id` = ? AND P.`device_id` = D.`device_id` AND S.`device_id` = D.`device_id` AND S.`service_ignore` = '1' AND S.`service_disabled` = '0'",
|
||||
'params' => array(Auth::id()),
|
||||
'query' => "SELECT COUNT(*) FROM services AS S WHERE $perms_sql AND S.`service_ignore` = '1' AND S.`service_disabled` = '0'",
|
||||
'params' => $device_ids
|
||||
);
|
||||
|
||||
$data['disabled'] = array(
|
||||
'query' => "SELECT COUNT(*) FROM services AS S, devices AS D, devices_perms AS P WHERE P.`user_id` = ? AND P.`device_id` = D.`device_id` AND S.`device_id` = D.`device_id` AND S.`service_disabled` = '1'",
|
||||
'params' => array(Auth::id()),
|
||||
'query' => "SELECT COUNT(*) FROM services AS S WHERE $perms_sql AND S.`service_disabled` = '1'",
|
||||
'params' => $device_ids
|
||||
);
|
||||
}//end if
|
||||
|
@ -3,8 +3,11 @@
|
||||
if (Auth::user()->hasGlobalRead()) {
|
||||
$data['count'] = array('query' => "SELECT COUNT(`toner_id`) FROM toner");
|
||||
} else {
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$perms_sql = "`toner`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
|
||||
$data['count'] = array(
|
||||
'query' => "SELECT COUNT(`toner_id`) FROM toner AS T, devices AS D, devices_perms AS P WHERE P.`user_id` = ? AND P.`device_id` = D.`device_id` AND T.`device_id` = D.`device_id`",
|
||||
'params' => array(Auth::id()),
|
||||
'query' => "SELECT COUNT(`toner_id`) FROM toner WHERE $perms_sql",
|
||||
'params' => $device_ids
|
||||
);
|
||||
}
|
||||
|
@ -91,14 +91,16 @@ var greenMarker = L.AwesomeMarkers.icon({
|
||||
$param = $show_status;
|
||||
} else {
|
||||
// Normal user - grab devices that user has permissions to
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
|
||||
$sql = "SELECT DISTINCT(`devices`.`device_id`) as `device_id`,`location`,`sysName`,`hostname`,`os`,`status`,`lat`,`lng`
|
||||
FROM `devices_perms`, `devices`
|
||||
FROM `devices`
|
||||
LEFT JOIN `locations` ON `devices`.location_id=`locations`.`id`
|
||||
WHERE `disabled`=0 AND `ignore`=0 AND ((`lat` != '' AND `lng` != '') OR (`location` REGEXP '\[[0-9\.\, ]+\]'))
|
||||
AND `devices`.`device_id` = `devices_perms`.`device_id`
|
||||
AND `devices_perms`.`user_id` = ? AND `status` IN " . dbGenPlaceholders(count($show_status)) .
|
||||
AND `devices`.`device_id` IN " . dbGenPlaceholders(count($device_ids)) .
|
||||
" AND `status` IN " . dbGenPlaceholders(count($show_status)) .
|
||||
" ORDER BY `status` ASC, `hostname`";
|
||||
$param = array_merge([Auth::id()], $show_status);
|
||||
$param = array_merge($device_ids, $show_status);
|
||||
}
|
||||
|
||||
foreach (dbFetchRows($sql, $param) as $map_devices) {
|
||||
|
@ -28,9 +28,9 @@ $where = [];
|
||||
$params = [];
|
||||
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$query .= ' LEFT JOIN `devices_perms` USING (`device_id`)';
|
||||
$where = '`devices_perms`.`user_id`=?';
|
||||
$params[] = Auth::id();
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$where[] = " `devices`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
$params = array_merge($params, $device_ids);
|
||||
}
|
||||
|
||||
if (!empty($_REQUEST['search'])) {
|
||||
|
@ -1,5 +1,6 @@
|
||||
<?php
|
||||
|
||||
use App\Models\DeviceGroup;
|
||||
use App\Models\User;
|
||||
|
||||
$no_refresh = true;
|
||||
@ -32,6 +33,14 @@ if (! Auth::user()->hasGlobalAdmin()) {
|
||||
}
|
||||
}
|
||||
|
||||
if ($vars['action'] == 'deldevgroupperm') {
|
||||
$user->deviceGroups()->detach($vars['device_group_id']);
|
||||
}
|
||||
|
||||
if ($vars['action'] == 'adddevgroupperm') {
|
||||
$user->deviceGroups()->syncWithoutDetaching($vars['device_group_id']);
|
||||
}
|
||||
|
||||
if ($vars['action'] == 'delifperm') {
|
||||
if (dbFetchCell('SELECT COUNT(*) FROM ports_perms WHERE `port_id` = ? AND `user_id` = ?', array($vars['port_id'], $user_data['user_id']))) {
|
||||
dbDelete('ports_perms', '`port_id` = ? AND `user_id` = ?', array($vars['port_id'], $user_data['user_id']));
|
||||
@ -112,7 +121,65 @@ if (! Auth::user()->hasGlobalAdmin()) {
|
||||
</div>
|
||||
<button type='submit' class='btn btn-default' name='Submit'>Add</button></form>";
|
||||
|
||||
echo "</div>
|
||||
echo '</div>
|
||||
<div class="col-md-4">';
|
||||
|
||||
// Display devices this users has access to
|
||||
echo '<h3>Device access via Device Group (beta)</h3>';
|
||||
|
||||
echo "<div class='panel panel-default panel-condensed'>
|
||||
<table class='table table-hover table-condensed table-striped'>
|
||||
<tr>
|
||||
<th>Device Group</th>
|
||||
<th>Action</th>
|
||||
</tr>";
|
||||
|
||||
foreach ($user->deviceGroups as $device_group_perm) {
|
||||
echo '<tr><td><strong>'.$device_group_perm->name."</td><td> <a href='edituser/action=deldevgroupperm/user_id=".$user->user_id.'/device_group_id='.$device_group_perm->id."'><i class='fa fa-trash fa-lg icon-theme' aria-hidden='true'></i></a></strong></td></tr>";
|
||||
}
|
||||
|
||||
echo '</table>
|
||||
</div>';
|
||||
|
||||
if ($user->deviceGroups->isEmpty()) {
|
||||
echo 'None Configured';
|
||||
}
|
||||
|
||||
// Display device groups this user doesn't have access to
|
||||
echo '<h4>Grant access to new Device Group</h4>';
|
||||
$allow_dynamic = \LibreNMS\Config::get('permission.device_group.allow_dynamic');
|
||||
if (!$allow_dynamic) {
|
||||
echo "<i>Dynamic groups are disabled, set permission.device_group.allow_dynamic to enable.</i>";
|
||||
}
|
||||
|
||||
echo "<form class='form-inline' role='form' method='post' action=''>
|
||||
" . csrf_field() . "
|
||||
<input type='hidden' value='".$user_data['user_id']."' name='user_id'>
|
||||
<input type='hidden' value='edituser' name='page'>
|
||||
<input type='hidden' value='adddevgroupperm' name='action'>
|
||||
<div class='form-group'>
|
||||
<label class='sr-only' for='device_group_id'>Device</label>
|
||||
<select name='device_group_id' id='device_group_id' class='form-control'>";
|
||||
|
||||
$device_groups = DeviceGroup::query()
|
||||
->whereNotIn('id', $user->deviceGroups->pluck('id'))
|
||||
->when(!$allow_dynamic, function ($query) {
|
||||
return $query->where('type', 'static');
|
||||
})
|
||||
->orderBy('name')
|
||||
->get(['id', 'name']);
|
||||
|
||||
foreach ($device_groups as $group) {
|
||||
echo '<option value="'.$group->id . '">' . $group->name . '</option>';
|
||||
}
|
||||
|
||||
echo "</select>
|
||||
</div>
|
||||
<button type='submit' class='btn btn-default' name='Submit'>Add</button></form>";
|
||||
|
||||
echo "</div></div>
|
||||
|
||||
<div class='row'>
|
||||
<div class='col-md-4'>";
|
||||
echo '<h3>Interface Access</h3>';
|
||||
|
||||
@ -143,7 +210,7 @@ if (! Auth::user()->hasGlobalAdmin()) {
|
||||
echo 'None Configured';
|
||||
}
|
||||
|
||||
// Display devices this user doesn't have access to
|
||||
// Display interfaces this user doesn't have access to
|
||||
echo '<h4>Grant access to new interface</h4>';
|
||||
|
||||
echo "<form action='' method='post' class='form-horizontal' role='form'>
|
||||
|
@ -4,12 +4,12 @@
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>. */
|
||||
/**
|
||||
@ -32,7 +32,7 @@ $config['leaflet']['default_lat'] = 65.3258792;
|
||||
$config['leaflet']['default_lng'] = 14.1115485;
|
||||
Dag B <dag@bakke.com>
|
||||
*/
|
||||
|
||||
|
||||
$pagetitle[] = 'Geographical Map';
|
||||
|
||||
if (\LibreNMS\Config::get('map.engine') == 'leaflet') {
|
||||
@ -55,7 +55,7 @@ if (\LibreNMS\Config::get('map.engine') == 'leaflet') {
|
||||
setStyle();
|
||||
};
|
||||
}, false);
|
||||
|
||||
|
||||
function setStyle() {
|
||||
if(isFullscreen) {
|
||||
document.getElementsByClassName('navbar-fixed-top')[0].style.display = "none";
|
||||
@ -64,7 +64,7 @@ if (\LibreNMS\Config::get('map.engine') == 'leaflet') {
|
||||
document.getElementsByClassName('navbar-fixed-top')[0].style.removeProperty("display");
|
||||
document.getElementsByTagName('body')[0].style.paddingTop = "50px";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
window.dispatchEvent(new Event('resize'));
|
||||
</script>
|
||||
|
@ -13,6 +13,8 @@
|
||||
* @author LibreNMS Contributors
|
||||
*/
|
||||
|
||||
use App\Models\Port;
|
||||
|
||||
$pagetitle[] = "Ports";
|
||||
|
||||
// Set Defaults here
|
||||
@ -162,14 +164,13 @@ if ((isset($vars['searchbar']) && $vars['searchbar'] != "hide") || !isset($vars[
|
||||
$output .= "<select name='ifSpeed' id='ifSpeed' class='form-control input-sm'>";
|
||||
$output .= "<option value=''>All Speeds</option>";
|
||||
|
||||
if (Auth::user()->hasGlobalRead()) {
|
||||
$sql = "SELECT `ifSpeed` FROM `ports` GROUP BY `ifSpeed` ORDER BY `ifSpeed`";
|
||||
} else {
|
||||
$sql = "SELECT `ifSpeed` FROM `ports` AS `I`, `devices` AS `D`, `devices_perms` AS `P`, `ports_perms` AS `PP` WHERE ((`P`.`user_id` = ? AND `P`.`device_id` = `D`.`device_id`) OR (`PP`.`user_id` = ? AND `PP`.`port_id` = `I`.`port_id` AND `I`.`device_id` = `D`.`device_id`)) AND `D`.`device_id` = `I`.`device_id` GROUP BY `ifSpeed` ORDER BY `ifSpeed`";
|
||||
$param[] = array(Auth::id(), Auth::id());
|
||||
}
|
||||
$ifSpeed = Port::select('ifSpeed')
|
||||
->hasAccess(Auth::user())
|
||||
->groupBy('ifSpeed')
|
||||
->orderBy('ifSpeed')
|
||||
->get();
|
||||
|
||||
foreach (dbFetchRows($sql, $param) as $data) {
|
||||
foreach ($ifSpeed as $data) {
|
||||
if ($data['ifSpeed']) {
|
||||
if ($data['ifSpeed'] == $vars['ifSpeed']) {
|
||||
$speedselected = "selected";
|
||||
@ -186,14 +187,13 @@ if ((isset($vars['searchbar']) && $vars['searchbar'] != "hide") || !isset($vars[
|
||||
$output .= "<select name='ifType' id='ifType' class='form-control input-sm'>";
|
||||
$output .= "<option value=''>All Media</option>";
|
||||
|
||||
if (Auth::user()->hasGlobalRead()) {
|
||||
$sql = "SELECT `ifType` FROM `ports` GROUP BY `ifType` ORDER BY `ifType`";
|
||||
} else {
|
||||
$sql = "SELECT `ifType` FROM `ports` AS `I`, `devices` AS `D`, `devices_perms` AS `P`, `ports_perms` AS `PP` WHERE ((`P`.`user_id` = ? AND `P`.`device_id` = `D`.`device_id`) OR (`PP`.`user_id` = ? AND `PP`.`port_id` = `I`.`port_id` AND `I`.`device_id` = `D`.`device_id`)) AND `D`.`device_id` = `I`.`device_id` GROUP BY `ifType` ORDER BY `ifType`";
|
||||
$param[] = array(Auth::id(), Auth::id());
|
||||
}
|
||||
$ifType = Port::select('ifType')
|
||||
->hasAccess(Auth::user())
|
||||
->groupBy('ifType')
|
||||
->orderBy('ifType')
|
||||
->get();
|
||||
|
||||
foreach (dbFetchRows($sql, $param) as $data) {
|
||||
foreach ($ifType as $data) {
|
||||
if ($data['ifType']) {
|
||||
if ($data['ifType'] == $vars['ifType']) {
|
||||
$dataselected = "selected";
|
||||
@ -214,9 +214,13 @@ if ((isset($vars['searchbar']) && $vars['searchbar'] != "hide") || !isset($vars[
|
||||
$sql = "SELECT `port_descr_type` FROM `ports` AS `I`, `devices` AS `D`, `devices_perms` AS `P`, `ports_perms` AS `PP` WHERE ((`P`.`user_id` = ? AND `P`.`device_id` = `D`.`device_id`) OR (`PP`.`user_id` = ? AND `PP`.`port_id` = `I`.`port_id` AND `I`.`device_id` = `D`.`device_id`)) AND `D`.`device_id` = `I`.`device_id` GROUP BY `port_descr_type` ORDER BY `port_descr_type`";
|
||||
$param[] = array(Auth::id(), Auth::id());
|
||||
}
|
||||
$ports = dbFetchRows($sql, $param);
|
||||
$port_descr_type = Port::select('port_descr_type')
|
||||
->hasAccess(Auth::user())
|
||||
->groupBy('port_descr_type')
|
||||
->orderBy('port_descr_type')
|
||||
->get();
|
||||
|
||||
foreach ($ports as $data) {
|
||||
foreach ($port_descr_type as $data) {
|
||||
if ($data['port_descr_type']) {
|
||||
if ($data['port_descr_type'] == $vars['port_descr_type']) {
|
||||
$portdescrib = "selected";
|
||||
|
@ -33,11 +33,12 @@ var grid = $("#arp-search").bootgrid({
|
||||
|
||||
// Select the devices only with ARP tables
|
||||
$sql = 'SELECT D.device_id AS device_id, `hostname`, `D`.`sysName` AS `sysName` FROM `ipv4_mac` AS M, `ports` AS P, `devices` AS D';
|
||||
$param = array();
|
||||
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$sql .= ' LEFT JOIN `devices_perms` AS `DP` ON `D`.`device_id` = `DP`.`device_id`';
|
||||
$where .= ' AND `DP`.`user_id`=?';
|
||||
$param[] = Auth::id();
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$where .= " AND `D`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
$param = array_merge($param, $device_ids);
|
||||
}
|
||||
|
||||
$sql .= " WHERE M.port_id = P.port_id AND P.device_id = D.device_id $where GROUP BY `D`.`device_id`, `D`.`hostname`, `D`.`sysName` ORDER BY `hostname`";
|
||||
|
@ -36,12 +36,12 @@ var grid = $("#fdb-search").bootgrid({
|
||||
|
||||
// Select the devices only with FDB tables
|
||||
$sql = 'SELECT D.device_id AS device_id, `hostname` FROM `ports_fdb` AS F, `ports` AS P, `devices` AS D';
|
||||
|
||||
$param = array();
|
||||
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$sql .= ' LEFT JOIN `devices_perms` AS `DP` ON `D`.`device_id` = `DP`.`device_id`';
|
||||
$where .= ' AND `DP`.`user_id`=?';
|
||||
$param[] = Auth::id();
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$where .= " AND `D`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
$param = array_merge($param, $device_ids);
|
||||
}
|
||||
|
||||
$sql .= " WHERE F.port_id = P.port_id AND P.device_id = D.device_id $where GROUP BY `D`.`device_id`, `D`.`hostname` ORDER BY `hostname`";
|
||||
|
@ -30,11 +30,12 @@ var grid = $("#ipv4-search").bootgrid({
|
||||
<?php
|
||||
|
||||
$sql = 'SELECT `devices`.`device_id`,`hostname`,`sysName` FROM `devices`';
|
||||
$param = [];
|
||||
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$sql .= ' LEFT JOIN `devices_perms` AS `DP` ON `devices`.`device_id` = `DP`.`device_id`';
|
||||
$where .= ' WHERE `DP`.`user_id`=?';
|
||||
$param[] = Auth::id();
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$where .= " WHERE `devices`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
$param = array_merge($param, $device_ids);
|
||||
}
|
||||
|
||||
$sql .= " $where ORDER BY `hostname`";
|
||||
|
@ -29,11 +29,12 @@ var grid = $("#ipv6-search").bootgrid({
|
||||
<?php
|
||||
|
||||
$sql = 'SELECT `devices`.`device_id`,`hostname`, `sysName` FROM `devices`';
|
||||
$param = [];
|
||||
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$sql .= ' LEFT JOIN `devices_perms` AS `DP` ON `devices`.`device_id` = `DP`.`device_id`';
|
||||
$where .= ' WHERE `DP`.`user_id`=?';
|
||||
$param[] = Auth::id();
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$where .= " WHERE `devices`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
$param = array_merge($param, $device_ids);
|
||||
}
|
||||
|
||||
$sql .= " $where ORDER BY `hostname`";
|
||||
|
@ -30,11 +30,12 @@ var grid = $("#mac-search").bootgrid({
|
||||
<?php
|
||||
|
||||
$sql = 'SELECT `devices`.`device_id`,`hostname`, `sysName` FROM `devices`';
|
||||
$param = [];
|
||||
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$sql .= ' LEFT JOIN `devices_perms` AS `DP` ON `devices`.`device_id` = `DP`.`device_id`';
|
||||
$where .= ' WHERE `DP`.`user_id`=?';
|
||||
$param[] = Auth::id();
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$where .= " WHERE `devices`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
$param = array_merge($param, $device_ids);
|
||||
}
|
||||
|
||||
$sql .= " $where ORDER BY `hostname`";
|
||||
|
@ -77,9 +77,9 @@ $query = 'SELECT packages.name FROM packages,devices ';
|
||||
$param = array();
|
||||
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$query .= " LEFT JOIN `devices_perms` AS `DP` ON `devices`.`device_id` = `DP`.`device_id`";
|
||||
$sql_where .= " AND `DP`.`user_id`=?";
|
||||
$param[] = Auth::id();
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$where .= " AND `D`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
$param = array_merge($param, $device_ids);
|
||||
}
|
||||
|
||||
$query .= " WHERE packages.device_id = devices.device_id AND packages.name LIKE '%".mres($_POST['package'])."%' $sql_where GROUP BY packages.name";
|
||||
|
@ -120,14 +120,16 @@ require_once 'includes/html/modal/delete_service.inc.php';
|
||||
$sql_param[] = $state;
|
||||
}
|
||||
|
||||
if (Auth::user()->hasGlobalRead()) {
|
||||
$host_sql = 'SELECT `D`.`device_id`,`D`.`hostname`,`D`.`sysName` FROM devices AS D, services AS S WHERE D.device_id = S.device_id GROUP BY `D`.`hostname`, `D`.`device_id`, `D`.`sysName` ORDER BY D.hostname';
|
||||
$host_par = array();
|
||||
} else {
|
||||
$host_sql = 'SELECT `D`.`device_id`,`D`.`hostname`,`D`.`sysName` FROM devices AS D, services AS S, devices_perms AS P WHERE D.device_id = S.device_id AND D.device_id = P.device_id AND P.user_id = ? GROUP BY `D`.`hostname`, `D`.`device_id`, `D`.`sysName` ORDER BY D.hostname';
|
||||
$host_par = array(Auth::id());
|
||||
$host_par = array();
|
||||
$perms_sql = null;
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$perms_sql .= " AND `D`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
$host_par = $device_ids;
|
||||
}
|
||||
|
||||
$host_sql = 'SELECT `D`.`device_id`,`D`.`hostname`,`D`.`sysName` FROM devices AS D, services AS S WHERE D.device_id = S.device_id ' . $perms_sql . ' GROUP BY `D`.`hostname`, `D`.`device_id`, `D`.`sysName` ORDER BY D.hostname';
|
||||
|
||||
$shift = 1;
|
||||
foreach (dbFetchRows($host_sql, $host_par) as $device) {
|
||||
$device_id = $device['device_id'];
|
||||
|
@ -18,7 +18,7 @@
|
||||
*/
|
||||
|
||||
$pagetitle[] = "Alert Stats";
|
||||
|
||||
$param = [];
|
||||
$sql = "";
|
||||
if (isset($device['device_id']) && $device['device_id'] > 0) {
|
||||
$sql = " AND alert_log.device_id=?";
|
||||
@ -27,13 +27,13 @@ if (isset($device['device_id']) && $device['device_id'] > 0) {
|
||||
);
|
||||
}
|
||||
|
||||
if (Auth::user()->hasGlobalRead()) {
|
||||
$query = "SELECT DATE_FORMAT(time_logged, '" . \LibreNMS\Config::get('alert_graph_date_format') . "') Date, COUNT(alert_log.rule_id) totalCount, alert_rules.severity Severity FROM alert_log,alert_rules WHERE alert_log.rule_id=alert_rules.id AND `alert_log`.`state` != 0 $sql GROUP BY DATE_FORMAT(time_logged, '" . \LibreNMS\Config::get('alert_graph_date_format') . "'),alert_rules.severity";
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$sql .= " AND `alert_log`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
$param = array_merge($param, $device_ids);
|
||||
}
|
||||
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$query = "SELECT DATE_FORMAT(time_logged, '" . \LibreNMS\Config::get('alert_graph_date_format') . "') Date, COUNT(alert_log.device_id) totalCount, alert_rules.severity Severity FROM alert_log,alert_rules,devices_perms WHERE alert_log.rule_id=alert_rules.id AND `alert_log`.`state` != 0 $sql AND alert_log.device_id = devices_perms.device_id AND devices_perms.user_id = " . Auth::id() . " GROUP BY DATE_FORMAT(time_logged, '" . \LibreNMS\Config::get('alert_graph_date_format') . "'),alert_rules.severity";
|
||||
}
|
||||
$query = "SELECT DATE_FORMAT(time_logged, '" . \LibreNMS\Config::get('alert_graph_date_format') . "') Date, COUNT(alert_log.rule_id) totalCount, alert_rules.severity Severity FROM alert_log,alert_rules WHERE alert_log.rule_id=alert_rules.id AND `alert_log`.`state` != 0 $sql GROUP BY DATE_FORMAT(time_logged, '" . \LibreNMS\Config::get('alert_graph_date_format') . "'),alert_rules.severity";
|
||||
|
||||
?>
|
||||
<br>
|
||||
|
@ -28,9 +28,10 @@ if (!empty($device['hostname'])) {
|
||||
}
|
||||
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$join_sql .= ' LEFT JOIN `devices_perms` AS `DP` ON `D1`.`device_id` = `DP`.`device_id`';
|
||||
$sql .= ' AND `DP`.`user_id`=?';
|
||||
$sql_array[] = Auth::id();
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$sql .= " AND `D1`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
$sql .= " AND `D2`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
$sql_array = array_merge($sql_array, $device_ids, $device_ids);
|
||||
}
|
||||
|
||||
$devices_by_id = array();
|
||||
|
@ -5,15 +5,14 @@ use LibreNMS\Util\IP;
|
||||
$param = array();
|
||||
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$perms_sql .= ' LEFT JOIN `devices_perms` AS `DP` ON `D`.`device_id` = `DP`.`device_id`';
|
||||
$where .= ' AND `DP`.`user_id`=?';
|
||||
$param[] = array(Auth::id());
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$where .= " AND `D`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
$param = array_merge($param, $device_ids);
|
||||
}
|
||||
|
||||
list($address,$prefix) = explode('/', $vars['address']);
|
||||
if ($vars['search_type'] == 'ipv4') {
|
||||
$sql = ' FROM `ipv4_addresses` AS A, `ports` AS I, `ipv4_networks` AS N, `devices` AS D';
|
||||
$sql .= $perms_sql;
|
||||
$sql .= " WHERE I.port_id = A.port_id AND I.device_id = D.device_id AND N.ipv4_network_id = A.ipv4_network_id $where ";
|
||||
if (!empty($address)) {
|
||||
$sql .= " AND ipv4_address LIKE '%".$address."%'";
|
||||
@ -25,7 +24,6 @@ if ($vars['search_type'] == 'ipv4') {
|
||||
}
|
||||
} elseif ($vars['search_type'] == 'ipv6') {
|
||||
$sql = ' FROM `ipv6_addresses` AS A, `ports` AS I, `ipv6_networks` AS N, `devices` AS D';
|
||||
$sql .= $perms_sql;
|
||||
$sql .= " WHERE I.port_id = A.port_id AND I.device_id = D.device_id AND N.ipv6_network_id = A.ipv6_network_id $where ";
|
||||
if (!empty($address)) {
|
||||
$sql .= " AND (ipv6_address LIKE '%".$address."%' OR ipv6_compressed LIKE '%".$address."%')";
|
||||
@ -36,7 +34,6 @@ if ($vars['search_type'] == 'ipv4') {
|
||||
}
|
||||
} elseif ($vars['search_type'] == 'mac') {
|
||||
$sql = ' FROM `ports` AS I, `devices` AS D';
|
||||
$sql .= $perms_sql;
|
||||
$sql .= " WHERE I.device_id = D.device_id AND `ifPhysAddress` LIKE '%".str_replace(array(':', ' ', '-', '.', '0x'), '', mres($vars['address']))."%' $where ";
|
||||
}//end if
|
||||
if (is_numeric($vars['device_id'])) {
|
||||
|
@ -29,11 +29,10 @@ if (isset($vars['min_severity'])) {
|
||||
$where .= get_sql_filter_min_severity($vars['min_severity'], "R");
|
||||
}
|
||||
|
||||
if (Auth::user()->hasGlobalRead()) {
|
||||
$sql = " FROM `alert_log` AS E LEFT JOIN devices AS D ON E.device_id=D.device_id RIGHT JOIN alert_rules AS R ON E.rule_id=R.id WHERE $where";
|
||||
} else {
|
||||
$sql = " FROM `alert_log` AS E LEFT JOIN devices AS D ON E.device_id=D.device_id RIGHT JOIN alert_rules AS R ON E.rule_id=R.id RIGHT JOIN devices_perms AS P ON E.device_id = P.device_id WHERE $where AND P.user_id = ?";
|
||||
$param[] = array(Auth::id());
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$where .= " AND `D`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
$param = array_merge($param, $device_ids);
|
||||
}
|
||||
|
||||
if (isset($searchPhrase) && !empty($searchPhrase)) {
|
||||
|
@ -14,7 +14,7 @@
|
||||
*/
|
||||
|
||||
$where = ' `devices`.`disabled` = 0';
|
||||
|
||||
$param = [];
|
||||
$alert_states = array(
|
||||
// divined from librenms/alerts.php
|
||||
'recovered' => 0,
|
||||
@ -66,9 +66,9 @@ if (isset($searchPhrase) && !empty($searchPhrase)) {
|
||||
$sql = ' FROM `alerts` LEFT JOIN `devices` ON `alerts`.`device_id`=`devices`.`device_id`';
|
||||
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$sql .= ' LEFT JOIN `devices_perms` AS `DP` ON `devices`.`device_id` = `DP`.`device_id`';
|
||||
$where .= ' AND `DP`.`user_id`=?';
|
||||
$param[] = Auth::id();
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$where .= " AND `D`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
$param = array_merge($param, $device_ids);
|
||||
}
|
||||
|
||||
$sql .= " LEFT JOIN `locations` ON `devices`.`location_id` = `locations`.`id`";
|
||||
|
@ -5,9 +5,9 @@ $param = array();
|
||||
$sql .= ' FROM `ipv4_mac` AS M, `ports` AS P, `devices` AS D ';
|
||||
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$sql .= ' LEFT JOIN `devices_perms` AS `DP` ON `D`.`device_id` = `DP`.`device_id`';
|
||||
$where .= ' AND `DP`.`user_id`=?';
|
||||
$param[] = Auth::id();
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$where .= " AND `D`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
$param = array_merge($param, $device_ids);
|
||||
}
|
||||
|
||||
$sql .= " WHERE M.port_id = P.port_id AND P.device_id = D.device_id $where ";
|
||||
|
@ -3,15 +3,14 @@
|
||||
$where = '1';
|
||||
$param = array();
|
||||
|
||||
|
||||
|
||||
if (Auth::user()->hasGlobalRead()) {
|
||||
$sql = " FROM entPhysical AS E, devices AS D WHERE $where AND D.device_id = E.device_id";
|
||||
} else {
|
||||
$sql = " FROM entPhysical AS E, devices AS D, devices_perms AS P WHERE $where AND D.device_id = E.device_id AND P.device_id = D.device_id AND P.user_id = ?";
|
||||
$param[] = Auth::id();
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$where .= " AND `D`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
$param = array_merge($param, $device_ids);
|
||||
}
|
||||
|
||||
$sql = " FROM entPhysical AS E, devices AS D WHERE $where AND D.device_id = E.device_id";
|
||||
|
||||
if (isset($searchPhrase) && !empty($searchPhrase)) {
|
||||
$sql .= " AND (`D`.`hostname` LIKE '%$searchPhrase%' OR `E`.`entPhysicalDescr` LIKE '%$searchPhrase%' OR `E`.`entPhysicalModelName` LIKE '%$searchPhrase%' OR `E`.`entPhysicalSerialNum` LIKE '%$searchPhrase%')";
|
||||
}
|
||||
|
@ -18,10 +18,12 @@
|
||||
$graph_type = 'mempool_usage';
|
||||
$where = 1;
|
||||
$sql = ' FROM `mempools` AS `M` LEFT JOIN `devices` AS `D` ON `M`.`device_id` = `D`.`device_id`';
|
||||
$param = [];
|
||||
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$sql .= ' LEFT JOIN `devices_perms` AS `DP` ON `M`.`device_id` = `DP`.`device_id`';
|
||||
$where .= ' AND `DP`.`user_id`=?';
|
||||
$param[] = Auth::id();
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$where .= " AND `D`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
$param = array_merge($param, $device_ids);
|
||||
}
|
||||
|
||||
$sql .= " WHERE $where";
|
||||
|
@ -28,12 +28,12 @@ $param = array();
|
||||
$sql = 'FROM `ports`';
|
||||
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$sql .= ' LEFT JOIN `devices_perms` AS `DP` ON `ports`.`device_id` = `DP`.`device_id`';
|
||||
$sql .= ' LEFT JOIN `ports_perms` AS `PP` ON `ports`.`port_id` = `PP`.`port_id`';
|
||||
|
||||
$where .= ' AND (`DP`.`user_id`=? OR `PP`.`user_id`=?)';
|
||||
$param[] = Auth::id();
|
||||
$param[] = Auth::id();
|
||||
$port_ids = Permissions::portsForUser()->toArray() ?: [0];
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$where .= " AND (`ports`.`port_id` IN " . dbGenPlaceholders(count($port_ids));
|
||||
$where .= " OR `D`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
$where .= ")";
|
||||
$param = array_merge($param, $port_ids, $device_ids);
|
||||
}
|
||||
|
||||
$sql .= ' LEFT JOIN `devices` AS `D` ON `ports`.`device_id` = `D`.`device_id`';
|
||||
|
@ -18,10 +18,12 @@
|
||||
$graph_type = 'processor_usage';
|
||||
$where = 1;
|
||||
$sql = ' FROM `processors` AS `P` LEFT JOIN `devices` AS `D` ON `P`.`device_id` = `D`.`device_id`';
|
||||
$param = [];
|
||||
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$sql .= ' LEFT JOIN `devices_perms` AS `DP` ON `P`.`device_id` = `DP`.`device_id`';
|
||||
$where .= ' AND `DP`.`user_id`=?';
|
||||
$param[] = Auth::id();
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [false];
|
||||
$where .= " AND `P`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
$param = array_merge($param, $device_ids);
|
||||
}
|
||||
|
||||
$sql .= " WHERE $where";
|
||||
|
@ -23,16 +23,13 @@ $class = mres($vars['class']);
|
||||
|
||||
$sql = " FROM `$table` AS S, `devices` AS D";
|
||||
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$sql .= ', devices_perms as P';
|
||||
}
|
||||
|
||||
$sql .= " WHERE S.sensor_class=? AND S.device_id = D.device_id ";
|
||||
$param[] = mres($vars['class']);
|
||||
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$sql .= " AND D.device_id = P.device_id AND P.user_id = ?";
|
||||
$param[] = Auth::id();
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$sql .= " AND `D`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
$param = array_merge($param, $device_ids);
|
||||
}
|
||||
|
||||
if (isset($searchPhrase) && !empty($searchPhrase)) {
|
||||
|
@ -18,13 +18,14 @@
|
||||
$graph_type = 'storage_usage';
|
||||
|
||||
$where = 1;
|
||||
$param = [];
|
||||
|
||||
$sql = ' FROM `storage` AS `S` LEFT JOIN `devices` AS `D` ON `S`.`device_id` = `D`.`device_id`';
|
||||
|
||||
if (!Auth::user()->hasGlobalRead()) {
|
||||
$sql .= ' LEFT JOIN `devices_perms` AS `DP` ON `S`.`device_id` = `DP`.`device_id`';
|
||||
$where .= ' AND `DP`.`user_id`=?';
|
||||
$param[] = Auth::id();
|
||||
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
|
||||
$where .= " AND `S`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
|
||||
$param = array_merge($param, $device_ids);
|
||||
}
|
||||
|
||||
$sql .= " WHERE $where";
|
||||
|
@ -3610,6 +3610,13 @@
|
||||
"order": 6,
|
||||
"type": "integer"
|
||||
},
|
||||
"permission.device_group.allow_dynamic": {
|
||||
"default": false,
|
||||
"group": "authorization",
|
||||
"order": 1,
|
||||
"section": "device-group",
|
||||
"type": "boolean"
|
||||
},
|
||||
"ping": {
|
||||
"default": "/bin/ping",
|
||||
"group": "external",
|
||||
|
@ -515,6 +515,14 @@ devices_attribs:
|
||||
Indexes:
|
||||
PRIMARY: { Name: PRIMARY, Columns: [attrib_id], Unique: true, Type: BTREE }
|
||||
device_id: { Name: device_id, Columns: [device_id], Unique: false, Type: BTREE }
|
||||
devices_group_perms:
|
||||
Columns:
|
||||
- { Field: user_id, Type: 'int(10) unsigned', 'Null': false, Extra: '' }
|
||||
- { Field: device_group_id, Type: 'int(10) unsigned', 'Null': false, Extra: '' }
|
||||
Indexes:
|
||||
PRIMARY: { Name: PRIMARY, Columns: [device_group_id, user_id], Unique: true, Type: BTREE }
|
||||
devices_group_perms_device_group_id_index: { Name: devices_group_perms_device_group_id_index, Columns: [device_group_id], Unique: false, Type: BTREE }
|
||||
devices_group_perms_user_id_index: { Name: devices_group_perms_user_id_index, Columns: [user_id], Unique: false, Type: BTREE }
|
||||
devices_perms:
|
||||
Columns:
|
||||
- { Field: user_id, Type: 'int(10) unsigned', 'Null': false, Extra: '' }
|
||||
|
@ -5,6 +5,7 @@ return [
|
||||
'groups' => [
|
||||
'alerting' => 'Alerting',
|
||||
'auth' => 'Authentication',
|
||||
'authorization' => 'Authorization',
|
||||
'external' => 'External',
|
||||
'global' => 'Global',
|
||||
'os' => 'OS',
|
||||
@ -23,6 +24,9 @@ return [
|
||||
'ad' => 'Active Directory Settings',
|
||||
'ldap' => 'LDAP Settings'
|
||||
],
|
||||
'authorization' => [
|
||||
'device-group' => 'Device Group Settings'
|
||||
],
|
||||
'discovery' => [
|
||||
'general' => 'General Discovery Settings',
|
||||
'route' => 'Routes Discovery Module',
|
||||
@ -592,6 +596,13 @@ return [
|
||||
'description' => 'Poller performance log entries older than (days)',
|
||||
'help' => 'Cleanup done by daily.sh'
|
||||
],
|
||||
'permission' => [
|
||||
'device_group' => [
|
||||
'allow_dynamic' => [
|
||||
'description' => 'Enable user access via dynamic Device Groups',
|
||||
]
|
||||
]
|
||||
],
|
||||
'ping' => [
|
||||
'description' => 'Path to ping'
|
||||
],
|
||||
|
Loading…
Reference in New Issue
Block a user