diff --git a/www/api/class/centreon_administration_widget.class.php b/www/api/class/centreon_administration_widget.class.php
index aad14d9d361dbc702a473c5e8e407ea90b57957d..4e51e81a0de328a0f5e986329c2d6ec4ac948f4c 100644
--- a/www/api/class/centreon_administration_widget.class.php
+++ b/www/api/class/centreon_administration_widget.class.php
@@ -155,4 +155,21 @@ class CentreonAdministrationWidget extends CentreonWebService
 return $widgetInstaller->remove();
 }
+
+ /**
+ * Authorize to access to the action
+ *
+ * @param string $action The action name
+ * @param array $user The current user
+ * @param boolean $isInternal If the api is call in internal
+ * @return boolean If the has access to the action
+ */
+ public function authorize($action, $user, $isInternal)
+ {
+ if (parent::authorize($action, $user, $isInternal)) {
+ return true;
+ }
+
+ return $user->hasAccessRestApiConfiguration();
+ }
 }
diff --git a/www/api/class/centreon_clapi.class.php b/www/api/class/centreon_clapi.class.php
index 5552d800b38669bb1bb338adb6e1396612a384f8..56fdfe0f829967f5edf33cf51ccb0f055602592e 100644
--- a/www/api/class/centreon_clapi.class.php
+++ b/www/api/class/centreon_clapi.class.php
@@ -198,4 +198,21 @@ class CentreonClapi extends CentreonWebService
 }
 return $return;
 }
+
+ /**
+ * Authorize to access to the action
+ *
+ * @param string $action The action name
+ * @param array $user The current user
+ * @param boolean $isInternal If the api is call in internal
+ * @return boolean If the has access to the action
+ */
+ public function authorize($action, $user, $isInternal)
+ {
+ if (parent::authorize($action, $user, $isInternal)) {
+ return true;
+ }
+
+ return $user->hasAccessRestApiConfiguration();
+ }
 }
diff --git a/www/api/class/centreon_configuration_objects.class.php b/www/api/class/centreon_configuration_objects.class.php
index 66364f4eb403080d399c19a9b592e52bfa5493a6..7e28f99aeebed050eeef29c8bd8fcb94783d6bf2 100644
--- a/www/api/class/centreon_configuration_objects.class.php
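Review bot: The docblock on the new `authorize()` declares `@param array $user`, but the body calls `$user->hasAccessRestApiConfiguration()` on it, so the parameter is an object (the router docblock in webService.class.php names it `CentreonUser`); change the tag to `@param CentreonUser $user The current user`. The same override is copy-pasted verbatim into centreon_clapi, centreon_configuration_objects, centreon_results_acceptor and centreon_wiki, so a single base-class hook (e.g. a protected method returning the right to check) would keep the rule in one place and make future audits of who-can-reach-what a one-file read. The `@return` text "If the has access to the action" is presumably missing the word "user".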
+++ b/www/api/class/centreon_configuration_objects.class.php
@@ -265,4 +265,21 @@ class CentreonConfigurationObjects extends CentreonWebService
 }
 return $tmpValues;
 }
+
+ /**
+ * Authorize to access to the action
+ *
+ * @param string $action The action name
+ * @param array $user The current user
+ * @param boolean $isInternal If the api is call in internal
+ * @return boolean If the has access to the action
+ */
+ public function authorize($action, $user, $isInternal)
+ {
+ if (parent::authorize($action, $user, $isInternal)) {
+ return true;
+ }
+
+ return $user->hasAccessRestApiConfiguration();
+ }
 }
diff --git a/www/api/class/centreon_home_customview.class.php b/www/api/class/centreon_home_customview.class.php
index fda00b498ee0584f3ec7a5768a62196498b4a801..1bec3bb16e5299b5313b103115cd690757d19030 100644
--- a/www/api/class/centreon_home_customview.class.php
+++ b/www/api/class/centreon_home_customview.class.php
@@ -321,4 +321,17 @@ class CentreonHomeCustomview extends CentreonWebService
 return $tpl->fetch("widgetParam.html");
 }
+
+ /**
+ * Authorize to access to the action
+ *
+ * @param string $action The action name
+ * @param array $user The current user
+ * @param boolean $isInternal If the api is call in internal
+ * @return boolean If the has access to the action
+ */
+ public function authorize($action, $user, $isInternal)
+ {
+ return true;
+ }
 }
diff --git a/www/api/class/centreon_keepalive.class.php b/www/api/class/centreon_keepalive.class.php
index 45b0ddb23b01bfca0e185496758015f7f501fd51..51b377c7fa66c9421ddeef3a7b5d78481f2264bb 100644
--- a/www/api/class/centreon_keepalive.class.php
+++ b/www/api/class/centreon_keepalive.class.php
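Review bot: The override in CentreonHomeCustomview returns `true` unconditionally, which bypasses the parent's admin/internal check entirely, so anyone who passes the login step in index.php (which now admits either `reach_api` or `reach_api_rt`) reaches every action of this service; the same unconditional override is added to CentreonKeepalive, CentreonMetric and CentreonProxy on the next line. If that is the intent, the docblock should say so instead of repeating the generic text, e.g. `* Always allowed: reachable by any authenticated API user regardless of role.`; if not, metric data in particular looks like it belongs behind `hasAccessRestApiRealtime()` as CentreonRealtimeBase does, though I cannot see those services' actions from here. A short comment that `$action`, `$user` and `$isInternal` are unused but kept for signature compatibility would also help.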
@@ -57,4 +57,17 @@ class CentreonKeepalive extends CentreonWebService
 $session = new CentreonSession();
 $session->updateSession($this->pearDB);
 }
+
+ /**
+ * Authorize to access to the action
+ *
+ * @param string $action The action name
+ * @param array $user The current user
+ * @param boolean $isInternal If the api is call in internal
+ * @return boolean If the has access to the action
+ */
+ public function authorize($action, $user, $isInternal)
+ {
+ return true;
+ }
 }
diff --git a/www/api/class/centreon_metric.class.php b/www/api/class/centreon_metric.class.php
index f4cd8dc7eae591677f3f587a8c2654a88c3dd8cf..ca0b642d367036e9367939d911d1b4e219e9ce89 100644
--- a/www/api/class/centreon_metric.class.php
+++ b/www/api/class/centreon_metric.class.php
@@ -673,4 +673,17 @@ class CentreonMetric extends CentreonWebService
 }
 return $periods;
 }
+
+ /**
+ * Authorize to access to the action
+ *
+ * @param string $action The action name
+ * @param array $user The current user
+ * @param boolean $isInternal If the api is call in internal
+ * @return boolean If the has access to the action
+ */
+ public function authorize($action, $user, $isInternal)
+ {
+ return true;
+ }
 }
diff --git a/www/api/class/centreon_proxy.class.php b/www/api/class/centreon_proxy.class.php
index a2a5ffef4aeb5fd53a896d283b688593a76c1783..a047e8b4b3ff8f2116d1275e526bb25606a28ce0 100644
--- a/www/api/class/centreon_proxy.class.php
+++ b/www/api/class/centreon_proxy.class.php
@@ -26,4 +26,17 @@ class CentreonProxy extends CentreonWebService
 'message' => $message
 );
 }
+
+ /**
+ * Authorize to access to the action
+ *
+ * @param string $action The action name
+ * @param array $user The current user
+ * @param boolean $isInternal If the api is call in internal
+ * @return boolean If the has access to the action
+ */
+ public function authorize($action, $user, $isInternal)
+ {
+ return true;
+ }
 }
diff --git a/www/api/class/centreon_realtime_base.class.php b/www/api/class/centreon_realtime_base.class.php
index 2ca23478c651e22628002be3965bf5ea8e183210..ad3f21ad55ec6b9488fcc17e88d00b1d13ec2734 100644
--- a/www/api/class/centreon_realtime_base.class.php
+++ b/www/api/class/centreon_realtime_base.class.php
@@ -248,4 +248,21 @@ class CentreonRealtimeBase extends CentreonWebService
 }
 return $tmpValues;
 }
+
+ /**
+ * Authorize to access to the action
+ *
+ * @param string $action The action name
+ * @param array $user The current user
+ * @param boolean $isInternal If the api is call in internal
+ * @return boolean If the has access to the action
+ */
+ public function authorize($action, $user, $isInternal)
+ {
+ if (parent::authorize($action, $user, $isInternal)) {
+ return true;
+ }
+
+ return $user->hasAccessRestApiRealtime();
+ }
 }
diff --git a/www/api/class/centreon_results_acceptor.class.php b/www/api/class/centreon_results_acceptor.class.php
index 5943f49b716285cbe73f45fb1014584759c9870b..0d4a099f309891ad061fb7b0a002a2f5ec390e66 100644
--- a/www/api/class/centreon_results_acceptor.class.php
+++ b/www/api/class/centreon_results_acceptor.class.php
@@ -235,4 +235,21 @@ class CentreonResultsAcceptor extends CentreonConfigurationObjects
 throw new RestBadRequestException('Bad arguments - Cannot find command list');
 }
 }
+
+ /**
+ * Authorize to access to the action
+ *
+ * @param string $action The action name
+ * @param array $user The current user
+ * @param boolean $isInternal If the api is call in internal
+ * @return boolean If the has access to the action
+ */
+ public function authorize($action, $user, $isInternal)
+ {
+ if (parent::authorize($action, $user, $isInternal)) {
+ return true;
+ }
+
+ return $user->hasAccessRestApiConfiguration();
+ }
 }
diff --git a/www/api/class/centreon_wiki.class.php b/www/api/class/centreon_wiki.class.php
index e189308945fd851fa631a82b4617def122aa0c21..79a04deb573269bca1a6bfad01a1244e767b880e 100644
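Review bot: CentreonResultsAcceptor extends CentreonConfigurationObjects, which in this same commit gains an identical `authorize()` that returns `hasAccessRestApiConfiguration()` after the parent check, so the override added here is redundant: `parent::authorize($action, $user, $isInternal)` already yields exactly this result and the method can be dropped. If it is kept on purpose so the rule can diverge later, a one-line comment such as `// Same rule as CentreonConfigurationObjects today; kept so this service can tighten it independently.` would stop the next reader from treating it as dead code.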
--- a/www/api/class/centreon_wiki.class.php
+++ b/www/api/class/centreon_wiki.class.php
@@ -80,4 +80,21 @@ class CentreonWiki extends CentreonWebService
 'result' => $result
 );
 }
+
+ /**
+ * Authorize to access to the action
+ *
+ * @param string $action The action name
+ * @param array $user The current user
+ * @param boolean $isInternal If the api is call in internal
+ * @return boolean If the has access to the action
+ */
+ public function authorize($action, $user, $isInternal)
+ {
+ if (parent::authorize($action, $user, $isInternal)) {
+ return true;
+ }
+
+ return $user->hasAccessRestApiConfiguration();
+ }
 }
diff --git a/www/api/class/webService.class.php b/www/api/class/webService.class.php
index 8b7ca4b31c5951a98ae795afc1546baee4b01dde..255e929a69307428c7014876ca541b347d98ad6b 100644
--- a/www/api/class/webService.class.php
+++ b/www/api/class/webService.class.php
@@ -121,6 +121,23 @@ class CentreonWebService
 }
 }
+ /**
+ * Authorize to access to the action
+ *
+ * @param string $action The action name
+ * @param array $user The current user
+ * @param boolean $isInternal If the api is call in internal
+ * @return boolean If the has access to the action
+ */
+ public function authorize($action, $user, $isInternal = false)
+ {
+ if ($isInternal || $user->is_admin()) {
+ return true;
+ }
+
+ return false;
+ }
+
 /**
 * Get webservice
 *
@@ -231,8 +248,11 @@ class CentreonWebService
 * Route the webservice to the good method
 * @global string _CENTREON_PATH_
 * @global type $pearDB3
+ *
+ * @param CentreonUser $user The current user
+ * @param boolean $isInternal If the Rest API call is internal
 */
- public static function router(\Pimple\Container $dependencyInjector)
+ public static function router(\Pimple\Container $dependencyInjector, $user, $isInternal = false)
 {
 global $pearDB;
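Review bot: The base `authorize()` in webService.class.php documents `$user` as `array` yet calls `$user->is_admin()` on it, while the router docblock a few lines below types the same value as `CentreonUser`; align the tag to `@param CentreonUser $user The current user`. The if/return-true/return-false body is one boolean expression and reads more clearly as `return $isInternal || $user->is_admin();`. The default of denying when no subclass overrides is the right fail-closed choice and deserves a sentence in the docblock, e.g. `* Defaults to deny; each service overrides this to grant access by role.`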
@@ -279,6 +299,10 @@ class CentreonWebService
 static::sendResult("Method not found", 404);
 }
+ if (false === $wsObj->authorize($action, $user, $isInternal)) {
+ static::sendJson('Forbidden', 403);
+ }
+
 /* Execute the action */
 try {
 static::updateTokenTtl();
diff --git a/www/api/index.php b/www/api/index.php
index 63e7b2783d7d42a81170d1cd5d7533423398b9eb..3daed5811e3e798368ffae0e1778e733ef1ab12e 100644
--- a/www/api/index.php
+++ b/www/api/index.php
@@ -67,7 +67,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' &&
 /* Check if user exists in contact table */
 $reachAPI = 0;
- $query = "SELECT contact_id, reach_api, contact_admin FROM contact " .
+ $query = "SELECT contact_id, reach_api, reach_api_rt, contact_admin FROM contact " .
 "WHERE contact_activate = '1' AND contact_register = '1' AND contact_alias = ?";
 $res = $pearDB->prepare($query);
 $res->execute(array($_POST['username']));
@@ -76,6 +76,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' &&
 $reachAPI = 1;
 } else {
 if (isset($data['reach_api']) && $data['reach_api'] == 1) {
+ $reachAPI = 1;
+ } else if (isset($data['reach_api_rt']) && $data['reach_api_rt'] == 1) {
 $reachAPI = 1;
 }
 }
@@ -116,4 +118,4 @@ if (is_null($userInfos)) {
 $centreon = new Centreon($userInfos);
 $oreon = $centreon;
-CentreonWebService::router($dependencyInjector);
+CentreonWebService::router($dependencyInjector, $centreon->user);
diff --git a/www/api/internal.php b/www/api/internal.php
index c5da81871a9baa5c6bbb1cec6c5078e27112ded6..cc2c5f9c924ca166bd52d63482d24548b92417f3 100644
--- a/www/api/internal.php
+++ b/www/api/internal.php
@@ -65,4 +65,4 @@ if (false === isset($centreon) || false === is_object($centreon)) {
 CentreonWebService::sendResult("Unauthorized", 401);
 }
-CentreonWebService::router($dependencyInjector);
+CentreonWebService::router($dependencyInjector, $centreon->user, true);
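Review bot: The new guard in `router()` calls `static::sendJson('Forbidden', 403)` while the method-not-found branch two lines above relies on `static::sendResult(...)`; unless `sendJson()` terminates the request the way that branch assumes `sendResult()` does, execution falls through into the `try` block below and the action still runs with a 403 merely attached to the response. Neither helper is visible in this hunk, so please confirm `sendJson()` exits; the safest form is to mirror the existing line, `static::sendResult('Forbidden', 403);`, or to follow the call with an explicit `return;`. `false === ...` on a method documented as returning boolean reads more naturally as `if (!$wsObj->authorize($action, $user, $isInternal)) {`.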
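Review bot: The new `else if` branch in index.php assigns the same `$reachAPI = 1` as the branch above it, so the two conditions collapse into one: `if ((isset($data['reach_api']) && $data['reach_api'] == 1) || (isset($data['reach_api_rt']) && $data['reach_api_rt'] == 1)) {`. This login gate now admits realtime-only users to the shared API entry point, so the per-service `authorize()` overrides become the only thing keeping them out of configuration actions; a comment here recording that dependency, e.g. `// Either role may log in; per-service authorize() decides which actions are allowed.`, would keep the two halves of the check from drifting apart.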
diff --git a/www/class/centreonUser.class.php b/www/class/centreonUser.class.php
index 75e56b93fa3abd4701902cd389efe7863d94116c..a1a02397942563b46cb3c599d12c6b1e7a18732a 100644
--- a/www/class/centreonUser.class.php
+++ b/www/class/centreonUser.class.php
@@ -60,6 +60,9 @@ class CentreonUser
 protected $token;
 public $default_page;
+ protected $restApi;
+ protected $restApiRt;
+
 # User LCA
 # Array with elements ID for loop test
 public $lcaTopo;
@@ -70,6 +73,9 @@ class CentreonUser
 /**
 * CentreonUser constructor.
 * @param array $user
+ *
+ * @global type $pearDB
+ * @param type $user
 */
 public function __construct($user = array())
 {
@@ -100,6 +106,12 @@ class CentreonUser
 */
 $this->log = new CentreonUserLog($this->user_id, $pearDB);
 $this->userCrypted = md5($this->alias);
+
+ /**
+ * Init rest api auth
+ */
+ $this->restApi = isset($user['reach_api']) && $user['reach_api'] == 1;
+ $this->restApiRt = isset($user['reach_api_rt']) && $user['reach_api_rt'] == 1;
 }
 /**
@@ -326,7 +338,8 @@ class CentreonUser
 }
 /**
- * @param $js_effects
+ *
+ * @param type $js_effects
 */
 public function set_js_effects($js_effects)
 {
@@ -334,7 +347,8 @@ class CentreonUser
 }
 /**
- * @return mixed
+ *
+ * @return type
 */
 public function getMyGMT()
 {
@@ -478,4 +492,20 @@ class CentreonUser
 {
 $this->token = $token;
 }
+
+ /**
+ * If the user has access to Rest API Configuration
+ */
+ public function hasAccessRestApiConfiguration()
+ {
+ return $this->restApi;
+ }
+
+ /**
+ * If the user has access to Rest API Realtime
+ */
+ public function hasAccessRestApiRealtime()
+ {
+ return $this->restApiRt;
+ }
 }
diff --git a/www/include/configuration/configObject/contact/DB-Func.php b/www/include/configuration/configObject/contact/DB-Func.php
index 6a6c18b7b874ac1bc2ae704bd0e5a4c5cbc23644..a2bf1636986a5335f4cdd7d260d3cd8da9a2ec94 100644
--- a/www/include/configuration/configObject/contact/DB-Func.php
+++ b/www/include/configuration/configObject/contact/DB-Func.php
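Review bot: Several docblock edits in centreonUser.class.php replace concrete tags with the IDE placeholder `type` — a second `@param type $user` is added under the existing `@param array $user` in the constructor, `@param $js_effects` becomes `@param type $js_effects`, and `@return mixed` becomes `@return type` — which is a regression rather than documentation; drop the duplicate and keep `array`/`mixed`. The two new accessors `hasAccessRestApiConfiguration()` and `hasAccessRestApiRealtime()` carry no return tag although the constructor hunk assigns a boolean expression to each backing property; add `@return bool`. The `/** ... */` block inside the constructor body (`Init rest api auth`) is an ordinary comment, not a docblock, and should use `//` or `/* */` so tooling does not attach it to the following statement.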
@@ -122,10 +122,10 @@ function keepOneContactAtLeast($ct_id = null)
 /*
 * Get activated contacts
 */
- $DBRESULT = $pearDB->query("SELECT COUNT(*) AS nbr_valid
- FROM contact
- WHERE contact_activate = '1'
- AND contact_oreon = '1'
+ $DBRESULT = $pearDB->query("SELECT COUNT(*) AS nbr_valid
+ FROM contact
+ WHERE contact_activate = '1'
+ AND contact_oreon = '1'
 AND contact_id <> '" . $pearDB->escape($contact_id) . "'");
 $contacts = $DBRESULT->fetchRow();
@@ -425,8 +425,8 @@ function insertContact($ret = array())
 "`contact_id` , `timeperiod_tp_id` , `timeperiod_tp_id2` , `contact_name` , " .
 "`contact_alias` , `contact_autologin_key` , `contact_passwd` , `contact_lang` , `contact_template_id`, " .
 "`contact_host_notification_options` , `contact_service_notification_options` , " .
- "`contact_email` , `contact_pager` , `contact_comment` , `contact_oreon`, `reach_api`," .
- " `contact_register`, `contact_enable_notifications` , " .
+ "`contact_email` , `contact_pager` , `contact_comment` , `contact_oreon`, `reach_api`, `reach_api_rt`, " .
+ "`contact_register`, `contact_enable_notifications` , " .
 "`contact_admin` , `contact_type_msg`, `contact_activate`, `contact_auth_type`, " .
 "`contact_ldap_dn`, `contact_location`, `contact_address1`, `contact_address2`, " .
 "`contact_address3`, `contact_address4`, `contact_address5`, `contact_address6`)" .
@@ -493,6 +493,9 @@ function insertContact($ret = array())
 isset($ret["reach_api"]["reach_api"]) && $ret["reach_api"]["reach_api"] != null
 ? $rq .= $ret["reach_api"]["reach_api"] . ", "
 : $rq .= " 0, ";
+ isset($ret["reach_api_rt"]["reach_api_rt"]) && $ret["reach_api_rt"]["reach_api_rt"] != null
+ ? $rq .= $ret["reach_api_rt"]["reach_api_rt"] . ", "
+ : $rq .= " 0, ";
 isset($ret["contact_register"]) && $ret["contact_register"] != null
 ? $rq .= "'" . $ret["contact_register"] . "', "
 : $rq .= " '1', ";
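Review bot: The added `reach_api_rt` branch in `insertContact()` concatenates `$ret["reach_api_rt"]["reach_api_rt"]` straight into the INSERT statement with no escaping or cast, and the matching branch added to `updateContact()` in the next hunk (@@ -657) does the same inside quotes; `$ret` is the submitted form data, so the value is whatever the client posted, not the radio element's fixed '0'/'1'. The column is an integer flag, so the minimal hardening is a cast at the point of use: `? $rq .= (int) $ret["reach_api_rt"]["reach_api_rt"] . ", "` here and `? $rq .= "'" . (int) $ret["reach_api_rt"]["reach_api_rt"] . "', "` in updateContact; the proper fix is a prepared statement for the whole query, which would also cover the pre-existing `reach_api` line this one copies. Both functions start and end outside their hunks.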
@@ -657,6 +660,9 @@ function updateContact($contact_id = null, $from_MC = false)
 isset($ret["reach_api"]["reach_api"]) && $ret["reach_api"]["reach_api"] != null
 ? $rq .= "'" . $ret["reach_api"]["reach_api"] . "', "
 : $rq .= "NULL, ";
+ isset($ret["reach_api_rt"]["reach_api_rt"]) && $ret["reach_api_rt"]["reach_api_rt"] != null
+ ? $rq .= "'" . $ret["reach_api_rt"]["reach_api_rt"] . "', "
+ : $rq .= "NULL, ";
 $rq .= "contact_enable_notifications = ";
 isset($ret["contact_enable_notifications"]["contact_enable_notifications"]) &&
 $ret["contact_enable_notifications"]["contact_enable_notifications"] != null
diff --git a/www/include/configuration/configObject/contact/formContact.ihtml b/www/include/configuration/configObject/contact/formContact.ihtml
index 9fc82171495f3e5005f7aafb9dad24a400a222d6..29f99daae61a43cbc825639b1de9807ded0bb686 100644
--- a/www/include/configuration/configObject/contact/formContact.ihtml
+++ b/www/include/configuration/configObject/contact/formContact.ihtml
@@ -33,7 +33,7 @@
 <tr class="list_two"><td class="FormRowField"><img class="helpTooltip" name="email"> {$form.contact_email.label}</td><td class="FormRowValue">{$form.contact_email.html}</td></tr>
 <tr class="list_one"><td class="FormRowField"><img class="helpTooltip" name="pager"> {$form.contact_pager.label}</td><td class="FormRowValue">{$form.contact_pager.html}</td></tr>
 <tr class="list_two"><td class="FormRowField"><img class="helpTooltip" name="pager"> {$form.contact_template_id.label}</td><td class="FormRowValue">{$form.contact_template_id.html}</td></tr>
-
+
 <tr class="list_lvl_1">
 <td class="ListColLvl1_name" colspan="2">
 <h4>{$form.header.groupLinks}</h4>
@@ -118,6 +118,7 @@
 {if $displayAdminFlag == 1}
 <tr class="list_two"><td class="FormRowField"><img class="helpTooltip" name="admin"> {$form.contact_admin.label}</td><td class="FormRowValue">{$form.contact_admin.html}</td></tr>
 <tr class="list_one"><td class="FormRowField"><img class="helpTooltip" name="reach_api"> {$form.reach_api.label}</td><td class="FormRowValue">{$form.reach_api.html}</td></tr>
+ <tr class="list_two"><td class="FormRowField"><img class="helpTooltip" name="reach_api_rt"> {$form.reach_api_rt.label}</td><td class="FormRowValue">{$form.reach_api_rt.html}</td></tr>
 {/if}
 <tr class="list_lvl_1">
 <td class="ListColLvl1_name" colspan="2">
@@ -125,7 +126,7 @@
 </td>
 </tr>
 {if $o == "mc"}
- <tr class="list_two"><td class="FormRowField"><img class="helpTooltip" name="mc_update"> {$form.mc_mod_acl.label}</td><td class="FormRowValue">{$form.mc_mod_acl.html}</td></tr>
+ <tr class="list_one"><td class="FormRowField"><img class="helpTooltip" name="mc_update"> {$form.mc_mod_acl.label}</td><td class="FormRowValue">{$form.mc_mod_acl.html}</td></tr>
 {/if}
 <tr class="list_one"><td class="FormRowField"><img class="helpTooltip" name="aclgroups"> {$form.contact_acl_groups.label}</td><td class="FormRowValue">{$form.contact_acl_groups.html}</td></tr>
 {if $o == "a" || $o == "c"}
@@ -175,4 +176,4 @@
 </div>
 {$form.hidden}
 </form>
-{$helptext}
\ No newline at end of file
+{$helptext}
diff --git a/www/include/configuration/configObject/contact/formContact.php b/www/include/configuration/configObject/contact/formContact.php
index f3c7e330321c01ec91ed30d382d9ab52ad9ba7d0..bfe1d15ed5e6d8188026b12edbc6b67f70dfbc2f 100644
--- a/www/include/configuration/configObject/contact/formContact.php
+++ b/www/include/configuration/configObject/contact/formContact.php
@@ -317,7 +317,12 @@ if ($centreon->user->admin) {
 $tab = array();
 $tab[] = HTML_QuickForm::createElement('radio', 'reach_api', null, _("Yes"), '1');
 $tab[] = HTML_QuickForm::createElement('radio', 'reach_api', null, _("No"), '0');
- $form->addGroup($tab, 'reach_api', _("Reach API"), ' ');
+ $form->addGroup($tab, 'reach_api', _("Reach API Configuration"), ' ');
+
+ $tab = array();
+ $tab[] = HTML_QuickForm::createElement('radio', 'reach_api_rt', null, _("Yes"), '1');
+ $tab[] = HTML_QuickForm::createElement('radio', 'reach_api_rt', null, _("No"), '0');
+ $form->addGroup($tab, 'reach_api_rt', _("Reach API Realtime"), ' ');
 }
 /**
@@ -374,7 +379,12 @@ if ($centreon->optGen['ldap_auth_enable'] == 1) {
 }
 }
 if ($o != "mc") {
- $form->setDefaults(array('contact_oreon' => '1', "contact_admin" => '0', "reach_api" => '0'));
+ $form->setDefaults(array(
+ 'contact_oreon' => '1',
+ 'contact_admin' => '0',
+ 'reach_api' => '0',
+ 'reach_api_rt' => '0'
+ ));
 }
 $form->addElement('select', 'contact_auth_type', _("Authentication Source"), $auth_type);
@@ -783,4 +793,9 @@ if ($valid) {
 document.getElementById('sNone').checked = false;
 }
 }
-</script>
\ No newline at end of file
+<<<<<<< HEAD
+</script>
+=======
+}
+</script>
+>>>>>>> 1c456741a... feat(api): Split role between configuration and realtime
diff --git a/www/include/configuration/configObject/contact/help.php b/www/include/configuration/configObject/contact/help.php
index b1c8deacd878590d86d7e6c0306c087d838317ac..25d3b4f18b387bf96dcdd5724cac9025a9e6f282 100644
--- a/www/include/configuration/configObject/contact/help.php
+++ b/www/include/configuration/configObject/contact/help.php
@@ -100,6 +100,7 @@ $help["location"] = dgettext(
 "to Greenwich Mean Time (GMT) in hours."
 );
 $help["reach_api"] = dgettext("help", "Allow this user to access to Centreon Rest API with its account.");
+$help["reach_api_rt"] = dgettext("help", "Allow this user to access to Centreon Rest API Realtime with its account.");
 /*
 * Additional Information
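Review bot: The last hunk of formContact.php commits unresolved merge-conflict markers — `<<<<<<< HEAD`, `=======`, `>>>>>>> 1c456741a...` — plus a `}` between them at the end of the inline `<script>` block, so the page will emit the markers into the HTML and the unbalanced brace will break the script. Resolve the conflict before this is merged: keep whichever side's brace count matches the block that begins with `if ($valid) {` outside the hunk, followed by a single `</script>`, and drop the three marker lines. The trailing-newline fix from the same hunk can stay.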
diff --git a/www/install/createTables.sql b/www/install/createTables.sql
index e2e8f99a37dac28ca24c32049144aa6977842ef2..23781d80e273e5cfd158a99347badbae56d31e7c 100644
--- a/www/install/createTables.sql
+++ b/www/install/createTables.sql
@@ -749,6 +749,7 @@ CREATE TABLE `contact` (
 `contact_location` int(11) DEFAULT '0',
 `contact_oreon` enum('0','1') DEFAULT NULL,
 `reach_api` int(11) DEFAULT '0',
+ `reach_api_rt` int(1) DEFAULT 0,
 `contact_enable_notifications` enum('0','1','2') DEFAULT '2',
 `contact_template_id` int(11) DEFAULT NULL,
 `contact_admin` enum('0','1') DEFAULT '0',
diff --git a/www/install/sql/centreon/Update-DB-2.8.20_to_2.8.21.sql b/www/install/sql/centreon/Update-DB-2.8.20_to_2.8.21.sql
index dccabf1b4ac5fbc690593ba6d9adb56b6f74d87e..01f7e7ff91480a587a72c1e73c5850d3919c5d11 100644
--- a/www/install/sql/centreon/Update-DB-2.8.20_to_2.8.21.sql
+++ b/www/install/sql/centreon/Update-DB-2.8.20_to_2.8.21.sql
@@ -1,2 +1,7 @@
 -- Change version of Centreon
 UPDATE `informations` SET `value` = '2.8.21' WHERE CONVERT( `informations`.`key` USING utf8 ) = 'version' AND CONVERT ( `informations`.`value` USING utf8 ) = '2.8.20' LIMIT 1;
+
+-- Temporary fix for limit realtime and configuration Rest API
+ALTER TABLE `contact` ADD COLUMN `reach_api_rt` int(1) DEFAULT 0 AFTER `reach_api`;
+-- Update users with right to reach api
+UPDATE contact SET reach_api_rt = "1" WHERE reach_api = "1";
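Review bot: The migration grants `reach_api_rt` to every contact that already has `reach_api`, which matches the "temporary fix" comment but means every existing configuration-API account silently gains realtime access on upgrade; that is a deliberate widening, so the comment should state it, e.g. `-- Grant realtime access to every existing configuration API user (widens rights; no existing right is removed)`. The new column is declared `int(1) DEFAULT 0` here and in createTables.sql while its sibling `reach_api` is `int(11) DEFAULT '0'` in the same table; pick one declaration so the two flags match. The final `UPDATE` compares and assigns the string `"1"` to integer columns using double quotes, which are identifier quotes under ANSI_QUOTES; `UPDATE contact SET reach_api_rt = 1 WHERE reach_api = 1;` avoids both the implicit conversion and the SQL-mode dependency.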