Private GIT

Skip to content
Snippets Groups Projects
Commit fdc1c80c authored by loiclau's avatar loiclau
Browse files

* add clapi acl menu read only option / update grant option #5281

parent 4e681ba7
Branches
Tags
No related merge requests found
Show whitespace changes
Inline Side-by-side
doc/en/api/clapi/objects/acl_menu.rst
+ 8
3
View file @ fdc1c80c
...@@ -117,18 +117,23 @@ Order Column description ...@@ -117,18 +117,23 @@ Order Column description
1 Name of ACL menu rule 1 Name of ACL menu rule
======= ======================= ======= =======================
Grant and Revoke Grant and Revoke
---------------- ----------------
If you want to grant or revoke menus in an ACL Menu rule definition, use the following actions: **GRANT**, **REVOKE** If you want to grant in Read/Write, Read Only or revoke menus in an ACL Menu rule definition, use the following actions: **GRANTRW**, **GRANTRO**, **REVOKE**
Let's assume that you would like to grant full access to the [Monitoring] menu in your ACL Menu rule::: Let's assume that you would like to grant full access to the [Monitoring] menu in your ACL Menu rule:::
[root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a grant -v "ACL Menu test;Monitoring" [root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a grantrw -v "ACL Menu test;Monitoring"
Then, you would like to grant access to the [Home] > [Poller statistics] menu::: Then, you would like to grant access to the [Home] > [Poller statistics] menu:::
[root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a grant -v "ACL Menu test;Home;Poller statistics" [root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a grantrw -v "ACL Menu test;Home;Poller statistics"
Then, you would like to grant access in read only to the [Configuration] > [Hosts] menu:::
[root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a grantro -v "ACL Menu test;Configuration;Hosts"
Then, you decide to revoke access from [Monitoring] > [Event Logs]::: Then, you decide to revoke access from [Monitoring] > [Event Logs]:::
......
doc/fr/api/clapi/objects/acl_menu.rst
+ 7
3
View file @ fdc1c80c
...@@ -120,15 +120,19 @@ Order Column description ...@@ -120,15 +120,19 @@ Order Column description
Grant and Revoke Grant and Revoke
---------------- ----------------
If you want to grant or revoke menus in an ACL Menu rule definition, use the following actions: **GRANT**, **REVOKE** If you want to grant in Read/Write, Read Only or revoke menus in an ACL Menu rule definition, use the following actions: **GRANTRW**, **GRANTRO**, **REVOKE**
Let's assume that you would like to grant full access to the [Monitoring] menu in your ACL Menu rule::: Let's assume that you would like to grant full access to the [Monitoring] menu in your ACL Menu rule:::
[root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a grant -v "ACL Menu test;Monitoring" [root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a grantrw -v "ACL Menu test;Monitoring"
Then, you would like to grant access to the [Home] > [Poller statistics] menu::: Then, you would like to grant access to the [Home] > [Poller statistics] menu:::
[root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a grant -v "ACL Menu test;Home;Poller statistics" [root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a grantrw -v "ACL Menu test;Home;Poller statistics"
Then, you would like to grant access in read only to the [Configuration] > [Hosts] menu:::
[root@centreon ~]# ./centreon -u admin -p centreon -o ACLMENU -a grantro -v "ACL Menu test;Configuration;Hosts"
Then, you decide to revoke access from [Monitoring] > [Event Logs]::: Then, you decide to revoke access from [Monitoring] > [Event Logs]:::
......
www/class/centreon-clapi/centreonACLMenu.class.php
+ 44
1
View file @ fdc1c80c
...@@ -284,17 +284,34 @@ class CentreonACLMenu extends CentreonObject ...@@ -284,17 +284,34 @@ class CentreonACLMenu extends CentreonObject
array($aclMenuId, $row['topology_id']) array($aclMenuId, $row['topology_id'])
); );
} }
if ($action == "grantro") {
$query = "INSERT INTO acl_topology_relations (acl_topo_id, topology_topology_id, access_right) " .
"VALUES (?, ?, 2)";
$this->db->query($query, array($aclMenuId, $row['topology_id']));
}
$this->processChildrenOf($action, $aclMenuId, $row['topology_page']); $this->processChildrenOf($action, $aclMenuId, $row['topology_page']);
} }
} }
/** /**
* Grant menu * old Grant menu
* *
* @param string $parameters * @param string $parameters
* @return void * @return void
*/ */
public function grant($parameters) public function grant($parameters)
{
$this->grantRw($parameters);
}
/**
* Grant menu
*
* @param string $parameters
* @return void
*/
public function grantRw($parameters)
{ {
list($aclMenuId, $menus, $topologies) = $this->splitParams($parameters); list($aclMenuId, $menus, $topologies) = $this->splitParams($parameters);
foreach ($menus as $level => $menuId) { foreach ($menus as $level => $menuId) {
...@@ -312,6 +329,32 @@ class CentreonACLMenu extends CentreonObject ...@@ -312,6 +329,32 @@ class CentreonACLMenu extends CentreonObject
} }
} }
/**
* Grant menu
*
* @param string $parameters
* @return void
*/
public function grantRo($parameters)
{
list($aclMenuId, $menus, $topologies) = $this->splitParams($parameters);
foreach ($menus as $level => $menuId) {
$this->db->query(
"DELETE FROM acl_topology_relations WHERE acl_topo_id = ? AND topology_topology_id = ?",
array($aclMenuId, $menuId)
);
$this->db->query(
"INSERT INTO acl_topology_relations (acl_topo_id, topology_topology_id, access_right) VALUES (?, ?, 2)",
array($aclMenuId, $menuId)
);
if (!isset($menus[$level + 1]) && $level != self::LEVEL_4) {
$this->processChildrenOf("grantro", $aclMenuId, $topologies[$level]);
}
}
}
/** /**
* Revoke menu * Revoke menu
* *
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment

Another place to be (or not)