diff --git a/lib/icinga/apiactions.cpp b/lib/icinga/apiactions.cpp index bc45d2374..0ff487942 100644 --- a/lib/icinga/apiactions.cpp +++ b/lib/icinga/apiactions.cpp @@ -15,6 +15,7 @@ #include "remote/httputility.hpp" #include "base/utility.hpp" #include "base/convert.hpp" +#include "remote/actionshandler.hpp" #include using namespace icinga; @@ -658,9 +659,10 @@ Dictionary::Ptr ApiActions::ExecuteCommand(const ConfigObject::Ptr& object, return ApiActions::CreateResult(404, "Can't find a valid notification for '" + resolved_notification + "'."); /* Get author */ - String author = ""; - if (params->Contains("author")) - author = HttpUtility::GetLastParameter(params, "author"); + if (!authenticatedApiUser) + return ApiActions::CreateResult(401, "Can't find API user"); + + String author = authenticatedApiUser->GetName(); cmd->Execute(notification, user, cr, NotificationType::NotificationCustom, author, "", execMacros, false); } diff --git a/lib/remote/actionshandler.cpp b/lib/remote/actionshandler.cpp index e94debb63..8668b8ea6 100644 --- a/lib/remote/actionshandler.cpp +++ b/lib/remote/actionshandler.cpp @@ -4,12 +4,15 @@ #include "remote/httputility.hpp" #include "remote/filterutility.hpp" #include "remote/apiaction.hpp" +#include "base/defer.hpp" #include "base/exception.hpp" #include "base/logger.hpp" #include using namespace icinga; +thread_local ApiUser::Ptr authenticatedApiUser; + REGISTER_URLHANDLER("/v1/actions", ActionsHandler); bool ActionsHandler::HandleRequest( @@ -71,6 +74,11 @@ bool ActionsHandler::HandleRequest( bool verbose = false; + authenticatedApiUser = user; + Defer a ([&]() { + authenticatedApiUser = nullptr; + }); + if (params) verbose = HttpUtility::GetLastParameter(params, "verbose"); diff --git a/lib/remote/actionshandler.hpp b/lib/remote/actionshandler.hpp index c2465cf7e..a7b70ff0d 100644 --- a/lib/remote/actionshandler.hpp +++ b/lib/remote/actionshandler.hpp @@ -5,6 +5,8 @@ #include "remote/httphandler.hpp" +extern thread_local icinga::ApiUser::Ptr authenticatedApiUser; + namespace icinga {