mirror of
https://github.com/Icinga/icinga2.git
synced 2025-07-25 14:44:32 +02:00
Only handle event::SetSuppressed{Notifications,NotificationTypes} within the local zone
Note that even when passing `nullptr` as target zone to `RelayMessage()`, the cluster message will still be sent to the parent zone. These incoming messages will now be rejected by the parent nodes. At the moment, there's no way to only send within the local zone.
This commit is contained in:
parent
c6cf9c6279
commit
7511a5c3fc
@ -1397,7 +1397,7 @@ Message updates will be dropped when:
|
||||
* Checkable does not exist.
|
||||
* Origin endpoint's zone is not allowed to access this checkable.
|
||||
|
||||
#### event::SuppressedNotifications <a id="technical-concepts-json-rpc-messages-event-setsupressednotifications"></a>
|
||||
#### event::SetSuppressedNotifications <a id="technical-concepts-json-rpc-messages-event-setsupressednotifications"></a>
|
||||
|
||||
> Location: `clusterevents.cpp`
|
||||
|
||||
@ -1406,7 +1406,7 @@ Message updates will be dropped when:
|
||||
Key | Value
|
||||
----------|---------
|
||||
jsonrpc | 2.0
|
||||
method | event::SuppressedNotifications
|
||||
method | event::SetSuppressedNotifications
|
||||
params | Dictionary
|
||||
|
||||
##### Params
|
||||
@ -1422,6 +1422,8 @@ supressed\_notifications | Number | Bitmask for suppressed notifications.
|
||||
Event Sender: `Checkable::OnSuppressedNotificationsChanged`
|
||||
Event Receiver: `SuppressedNotificationsChangedAPIHandler`
|
||||
|
||||
Used to sync the notification state of a host or service object within the same HA zone.
|
||||
|
||||
##### Permissions
|
||||
|
||||
The receiver will not process messages from not configured endpoints.
|
||||
@ -1429,7 +1431,7 @@ The receiver will not process messages from not configured endpoints.
|
||||
Message updates will be dropped when:
|
||||
|
||||
* Checkable does not exist.
|
||||
* Origin endpoint's zone is not allowed to access this checkable.
|
||||
* Origin endpoint is not within the local zone.
|
||||
|
||||
|
||||
#### event::SetNextNotification <a id="technical-concepts-json-rpc-messages-event-setnextnotification"></a>
|
||||
@ -1635,6 +1637,9 @@ text | String | Notification text
|
||||
Event Sender: `Checkable::OnNotificationsRequested`
|
||||
Event Receiver: `SendNotificationsAPIHandler`
|
||||
|
||||
Signals that notifications have to be sent within the same HA zone. This is relevant if the checkable and its
|
||||
notifications are active on different endpoints.
|
||||
|
||||
##### Permissions
|
||||
|
||||
The receiver will not process messages from not configured endpoints.
|
||||
@ -1642,7 +1647,7 @@ The receiver will not process messages from not configured endpoints.
|
||||
Message updates will be dropped when:
|
||||
|
||||
* Checkable does not exist.
|
||||
* Origin endpoint's zone the same as the receiver. This binds notification messages to the HA zone.
|
||||
* Origin endpoint is not within the local zone.
|
||||
|
||||
#### event::NotificationSentUser <a id="technical-concepts-json-rpc-messages-event-notificationsentuser"></a>
|
||||
|
||||
|
@ -256,7 +256,7 @@ void ClusterEvents::SuppressedNotificationsChangedHandler(const Checkable::Ptr&
|
||||
message->Set("method", "event::SetSuppressedNotifications");
|
||||
message->Set("params", params);
|
||||
|
||||
listener->RelayMessage(origin, checkable, message, true);
|
||||
listener->RelayMessage(origin, nullptr, message, true);
|
||||
}
|
||||
|
||||
Value ClusterEvents::SuppressedNotificationsChangedAPIHandler(const MessageOrigin::Ptr& origin, const Dictionary::Ptr& params)
|
||||
@ -284,7 +284,7 @@ Value ClusterEvents::SuppressedNotificationsChangedAPIHandler(const MessageOrigi
|
||||
if (!checkable)
|
||||
return Empty;
|
||||
|
||||
if (origin->FromZone && !origin->FromZone->CanAccessObject(checkable)) {
|
||||
if (origin->FromZone && origin->FromZone != Zone::GetLocalZone()) {
|
||||
Log(LogNotice, "ClusterEvents")
|
||||
<< "Discarding 'suppressed notifications changed' message for checkable '" << checkable->GetName()
|
||||
<< "' from '" << origin->FromClient->GetIdentity() << "': Unauthorized access.";
|
||||
|
Loading…
x
Reference in New Issue
Block a user