tyler.durden
/
icingaweb2-module-director
mirror of https://github.com/Icinga/icingaweb2-module-director.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'feature/monitoring-service-ro'

This commit is contained in:
Thomas Gelf 2019-02-13 11:43:09 +01:00
parent af2e86d8b8 d35ec0fee6
commit f83f293c57
10 changed files with 159 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
application/controllers/HostController.php
View File

@ -29,7 +29,11 @@ class HostController extends ObjectController
{ {
protected function checkDirectorPermissions() protected function checkDirectorPermissions()
{ {
if (in_array($this->getRequest()->getActionName(), ['servicesro', 'findservice'])) { if (in_array($this->getRequest()->getActionName(), [
'servicesro',
'findservice',
'invalidservice'
])) {
$this->assertPermission('director/monitoring/services-ro'); $this->assertPermission('director/monitoring/services-ro');
} else { } else {
$this->assertPermission('director/hosts'); $this->assertPermission('director/hosts');
@ -97,22 +101,14 @@ class HostController extends ObjectController
/** /**
* @throws \Icinga\Exception\NotFoundError * @throws \Icinga\Exception\NotFoundError
* @throws \Icinga\Security\SecurityException
*/ */
public function findserviceAction() public function findserviceAction()
{ {
$host = $this->getHostObject(); $host = $this->getHostObject();
$redirector = new HostServiceRedirector($host, $this->getAuth()); $redirector = new HostServiceRedirector($host, $this->getAuth());
if ($this->hasPermission('director/hosts')) { $this->redirectNow(
$this->redirectNow( $redirector->getRedirectionUrl($this->params->get('service'))
$redirector->getRedirectionUrl($this->params->get('service')) );
);
return;
} elseif ($this->hasPermission('director/monitoring/services-ro')) {
$this->redirectNow($this->url()->setPath('director/host/servicesro'));
} else {
$this->assertPermission('director/hosts');
}
} }
/** /**
@ -198,6 +194,10 @@ class HostController extends ObjectController
} }
/** /**
* Hint: this duplicates quite some logic from servicesAction. We might want
* to clean this up, but as soon as we store fully resolved Services this
* will be obsolete anyways
*
* @throws \Icinga\Exception\NotFoundError * @throws \Icinga\Exception\NotFoundError
* @throws \Icinga\Security\SecurityException * @throws \Icinga\Security\SecurityException
* @throws \Icinga\Exception\MissingParameterException * @throws \Icinga\Exception\MissingParameterException
@ -209,11 +209,12 @@ class HostController extends ObjectController
$service = $this->params->getRequired('service'); $service = $this->params->getRequired('service');
$db = $this->db(); $db = $this->db();
$this->controls()->setTabs(new Tabs()); $this->controls()->setTabs(new Tabs());
$this->addSingleTab($this->translate('Configuration: Services')); $this->addSingleTab($this->translate('Configuration (read-only)'));
$this->addTitle($this->translate('Services: %s'), $host->getObjectName()); $this->addTitle($this->translate('Services on %s'), $host->getObjectName());
$content = $this->content(); $content = $this->content();
$table = IcingaHostServiceTable::load($host) $table = IcingaHostServiceTable::load($host)
->setReadonly() ->setReadonly()
->highlightService($service)
->setTitle($this->translate('Individual Service objects')); ->setTitle($this->translate('Individual Service objects'));
if (count($table)) { if (count($table)) {
@ -224,6 +225,7 @@ class HostController extends ObjectController
if ($applied instanceof CustomVariableDictionary) { if ($applied instanceof CustomVariableDictionary) {
$table = IcingaHostAppliedForServiceTable::load($host, $applied) $table = IcingaHostAppliedForServiceTable::load($host, $applied)
->setReadonly() ->setReadonly()
->highlightService($service)
->setTitle($this->translate('Generated from host vars')); ->setTitle($this->translate('Generated from host vars'));
if (count($table)) { if (count($table)) {
$content->add($table); $content->add($table);
@ -237,6 +239,7 @@ class HostController extends ObjectController
foreach ($parents as $parent) { foreach ($parents as $parent) {
$table = IcingaHostServiceTable::load($parent) $table = IcingaHostServiceTable::load($parent)
->setReadonly() ->setReadonly()
->highlightService($service)
->setInheritedBy($host); ->setInheritedBy($host);
if (count($table)) { if (count($table)) {
$content->add( $content->add(
@ -262,11 +265,14 @@ class HostController extends ObjectController
// ->setHost($host) // ->setHost($host)
->setAffectedHost($host) ->setAffectedHost($host)
->setReadonly() ->setReadonly()
->highlightService($service)
->setTitle($title) ->setTitle($title)
); );
} }
$table = IcingaHostAppliedServicesTable::load($host) $table = IcingaHostAppliedServicesTable::load($host)
->setReadonly()
->highlightService($service)
->setTitle($this->translate('Applied services')); ->setTitle($this->translate('Applied services'));
if (count($table)) { if (count($table)) {
@ -308,7 +314,7 @@ class HostController extends ObjectController
->setAffectedHost($affectedHost) ->setAffectedHost($affectedHost)
->setTitle($title); ->setTitle($title);
if ($roService) { if ($roService) {
$table->setReadonly(); $table->setReadonly()->highlightService($roService);
} }
$this->content()->add($table); $this->content()->add($table);
} }

4
configuration.php
View File

@ -26,6 +26,10 @@ $this->providePermission(
'Allow to inspect objects through the Icinga 2 API (could contain sensitive information)' 'Allow to inspect objects through the Icinga 2 API (could contain sensitive information)'
) )
); );
$this->providePermission(
'director/monitoring/services-ro',
$this->translate('Allow readonly users to see where a Service came from')
);
$this->providePermission('director/*', $this->translate('Allow unrestricted access to Icinga Director')); $this->providePermission('director/*', $this->translate('Allow unrestricted access to Icinga Director'));
$this->provideRestriction( $this->provideRestriction(

1
doc/82-Changelog.md
View File

@ -15,6 +15,7 @@ before switching to a new version.
* FIX: creating a new Basket with a "Custom Selection" failed with an error (#1733) * FIX: creating a new Basket with a "Custom Selection" failed with an error (#1733)
* FIX: some new reserved keywords are now escaped correctly (#1765) * FIX: some new reserved keywords are now escaped correctly (#1765)
* FIX: correctly render NOT used in apply rules (fixes #1777) * FIX: correctly render NOT used in apply rules (fixes #1777)
* FEATURE: RO users could want to see where a configured service originated (#1785)
1.6.0 1.6.0
----- -----

2
library/Director/ProvidedHook/Monitoring/HostActions.php
View File

@ -37,7 +37,7 @@ class HostActions extends HostActionsHook
); );
} }
if (IcingaHost::exists($hostname, $db)) { if (Util::hasPermission('director/hosts') && IcingaHost::exists($hostname, $db)) {
$actions['Modify'] = Url::fromPath( $actions['Modify'] = Url::fromPath(
'director/host/edit', 'director/host/edit',
array('name' => $hostname) array('name' => $hostname)

10
library/Director/ProvidedHook/Monitoring/ServiceActions.php
View File

@ -48,8 +48,16 @@ class ServiceActions extends ServiceActionsHook
]); ]);
} }
if (Util::hasPermission('director/hosts')) {
$title = mt('director', 'Modify');
} elseif (Util::hasPermission('director/monitoring/services-ro')) {
$title = mt('director', 'Configuration');
} else {
return $actions;
}
if (IcingaHost::exists($hostname, $db)) { if (IcingaHost::exists($hostname, $db)) {
$actions['Modify'] = Url::fromPath('director/host/findservice', [ $actions[$title] = Url::fromPath('director/host/findservice', [
'name' => $hostname, 'name' => $hostname,
'service' => $service->service_description 'service' => $service->service_description
]); ]);

34
library/Director/Web/Table/IcingaHostAppliedForServiceTable.php
View File

@ -2,6 +2,7 @@
namespace Icinga\Module\Director\Web\Table; namespace Icinga\Module\Director\Web\Table;
use dipl\Html\Html;
use Icinga\Data\DataArray\ArrayDatasource; use Icinga\Data\DataArray\ArrayDatasource;
use Icinga\Module\Director\CustomVariable\CustomVariableDictionary; use Icinga\Module\Director\CustomVariable\CustomVariableDictionary;
use Icinga\Module\Director\Objects\IcingaHost; use Icinga\Module\Director\Objects\IcingaHost;
@ -24,6 +25,9 @@ class IcingaHostAppliedForServiceTable extends SimpleQueryBasedTable
/** @var bool */ /** @var bool */
protected $readonly = false; protected $readonly = false;
/** @var string|null */
protected $highlightedService;
/** /**
* @param IcingaHost $host * @param IcingaHost $host
* @param CustomVariableDictionary $dict * @param CustomVariableDictionary $dict
@ -67,23 +71,29 @@ class IcingaHostAppliedForServiceTable extends SimpleQueryBasedTable
return $this; return $this;
} }
public function highlightService($service)
{
$this->highlightedService = $service;
return $this;
}
public function renderRow($row) public function renderRow($row)
{ {
if ($this->readonly) { if ($this->readonly) {
return $this::row([ if ($this->highlightedService === $row->service) {
$row->service $link = Html::tag('span', ['class' => 'icon-right-big'], $row->service);
} else {
$link = $row->service;
}
} else {
$link = Link::create($row->service, 'director/host/appliedservice', [
'name' => $this->host->object_name,
'service' => $row->service,
]); ]);
} }
return $this::row([
Link::create( return $this::row([$link]);
$row->service,
'director/host/appliedservice',
[
'name' => $this->host->object_name,
'service' => $row->service,
]
)
]);
} }
public function getColumnsToBeRendered() public function getColumnsToBeRendered()

59
library/Director/Web/Table/IcingaHostAppliedServicesTable.php
View File

@ -2,6 +2,7 @@
namespace Icinga\Module\Director\Web\Table; namespace Icinga\Module\Director\Web\Table;
use dipl\Html\Html;
use Icinga\Data\DataArray\ArrayDatasource; use Icinga\Data\DataArray\ArrayDatasource;
use Icinga\Data\Filter\Filter; use Icinga\Data\Filter\Filter;
use Icinga\Module\Director\Objects\HostApplyMatches; use Icinga\Module\Director\Objects\HostApplyMatches;
@ -19,6 +20,12 @@ class IcingaHostAppliedServicesTable extends SimpleQueryBasedTable
/** @var \Zend_Db_Adapter_Abstract */ /** @var \Zend_Db_Adapter_Abstract */
protected $db; protected $db;
/** @var bool */
protected $readonly = false;
/** @var string|null */
protected $highlightedService;
private $allApplyRules; private $allApplyRules;
/** /**
@ -50,6 +57,26 @@ class IcingaHostAppliedServicesTable extends SimpleQueryBasedTable
return $this; return $this;
} }
/**
* Show no related links
*
* @param bool $readonly
* @return $this
*/
public function setReadonly($readonly = true)
{
$this->readonly = (bool) $readonly;
return $this;
}
public function highlightService($service)
{
$this->highlightedService = $service;
return $this;
}
public function renderRow($row) public function renderRow($row)
{ {
$classes = []; $classes = [];
@ -62,20 +89,24 @@ class IcingaHostAppliedServicesTable extends SimpleQueryBasedTable
$attributes = empty($classes) ? null : ['class' => $classes]; $attributes = empty($classes) ? null : ['class' => $classes];
return $this::row([ if ($this->readonly) {
Link::create( if ($this->highlightedService === $row->name) {
sprintf( $link = Html::tag('a', ['class' => 'icon-right-big'], $row->name);
$this->translate('%s (where %s)'), } else {
$row->name, $link = Html::tag('a', $row->name);
$row->filter }
), } else {
'director/host/appliedservice', $link = Link::create(sprintf(
[ $this->translate('%s (where %s)'),
'name' => $this->host->getObjectName(), $row->name,
'service_id' => $row->id, $row->filter
] ), 'director/host/appliedservice', [
) 'name' => $this->host->getObjectName(),
], $attributes); 'service_id' => $row->id,
]);
}
return $this::row([$link], $attributes);
} }
/** /**

17
library/Director/Web/Table/IcingaHostServiceTable.php
View File

@ -2,6 +2,7 @@
namespace Icinga\Module\Director\Web\Table; namespace Icinga\Module\Director\Web\Table;
use dipl\Html\Html;
use Icinga\Module\Director\Objects\IcingaHost; use Icinga\Module\Director\Objects\IcingaHost;
use dipl\Html\Link; use dipl\Html\Link;
use dipl\Web\Table\ZfQueryBasedTable; use dipl\Web\Table\ZfQueryBasedTable;
@ -19,6 +20,9 @@ class IcingaHostServiceTable extends ZfQueryBasedTable
/** @var bool */ /** @var bool */
protected $readonly = false; protected $readonly = false;
/** @var string|null */
protected $highlightedService;
protected $searchColumns = [ protected $searchColumns = [
'service', 'service',
]; ];
@ -66,6 +70,13 @@ class IcingaHostServiceTable extends ZfQueryBasedTable
return $this; return $this;
} }
public function highlightService($service)
{
$this->highlightedService = $service;
return $this;
}
public function renderRow($row) public function renderRow($row)
{ {
$classes = []; $classes = [];
@ -86,7 +97,11 @@ class IcingaHostServiceTable extends ZfQueryBasedTable
protected function getServiceLink($row) protected function getServiceLink($row)
{ {
if ($this->readonly) { if ($this->readonly) {
return $row->service; if ($this->highlightedService === $row->service) {
return Html::tag('span', ['class' => 'icon-right-big'], $row->service);
} else {
return $row->service;
}
} }
if ($target = $this->inheritedBy) { if ($target = $this->inheritedBy) {

19
library/Director/Web/Table/IcingaServiceSetServiceTable.php
View File

@ -2,6 +2,7 @@
namespace Icinga\Module\Director\Web\Table; namespace Icinga\Module\Director\Web\Table;
use dipl\Html\BaseHtmlElement;
use dipl\Html\Html; use dipl\Html\Html;
use Icinga\Module\Director\Forms\RemoveLinkForm; use Icinga\Module\Director\Forms\RemoveLinkForm;
use Icinga\Module\Director\Objects\IcingaHost; use Icinga\Module\Director\Objects\IcingaHost;
@ -31,6 +32,9 @@ class IcingaServiceSetServiceTable extends ZfQueryBasedTable
/** @var bool */ /** @var bool */
protected $readonly = false; protected $readonly = false;
/** @var string|null */
protected $highlightedService;
/** /**
* @param IcingaServiceSet $set * @param IcingaServiceSet $set
* @return static * @return static
@ -86,6 +90,13 @@ class IcingaServiceSetServiceTable extends ZfQueryBasedTable
return $this; return $this;
} }
public function highlightService($service)
{
$this->highlightedService = $service;
return $this;
}
protected function addHeaderColumnsTo(HtmlElement $parent) protected function addHeaderColumnsTo(HtmlElement $parent)
{ {
if ($this->host || $this->affectedHost) { if ($this->host || $this->affectedHost) {
@ -99,12 +110,16 @@ class IcingaServiceSetServiceTable extends ZfQueryBasedTable
/** /**
* @param $row * @param $row
* @return Link * @return BaseHtmlElement
*/ */
protected function getServiceLink($row) protected function getServiceLink($row)
{ {
if ($this->readonly) { if ($this->readonly) {
return $row->service; if ($this->highlightedService === $row->service) {
return Html::tag('span', ['class' => 'icon-right-big'], $row->service);
} else {
return $row->service;
}
} }
if ($this->affectedHost) { if ($this->affectedHost) {

34
library/Director/Web/Widget/HostServiceRedirector.php
View File

@ -3,6 +3,7 @@
namespace Icinga\Module\Director\Web\Widget; namespace Icinga\Module\Director\Web\Widget;
use dipl\Web\Url; use dipl\Web\Url;
use Icinga\Authentication\Auth;
use Icinga\Data\Filter\Filter; use Icinga\Data\Filter\Filter;
use Icinga\Module\Director\Objects\HostApplyMatches; use Icinga\Module\Director\Objects\HostApplyMatches;
use Icinga\Module\Director\Objects\IcingaHost; use Icinga\Module\Director\Objects\IcingaHost;
@ -14,6 +15,9 @@ class HostServiceRedirector
/** @var IcingaHost */ /** @var IcingaHost */
protected $host; protected $host;
/** @var Auth */
protected $auth;
/** @var IcingaHost[] */ /** @var IcingaHost[] */
protected $parents; protected $parents;
@ -23,9 +27,10 @@ class HostServiceRedirector
/** @var \Icinga\Module\Director\Db */ /** @var \Icinga\Module\Director\Db */
protected $db; protected $db;
public function __construct(IcingaHost $host) public function __construct(IcingaHost $host, Auth $auth)
{ {
$this->host = $host; $this->host = $host;
$this->auth = $auth;
$this->db = $host->getConnection(); $this->db = $host->getConnection();
} }
@ -36,16 +41,23 @@ class HostServiceRedirector
*/ */
public function getRedirectionUrl($serviceName) public function getRedirectionUrl($serviceName)
{ {
if ($url = $this->getSingleServiceUrl($serviceName)) { if ($this->auth->hasPermission('director/host')) {
return $url; if ($url = $this->getSingleServiceUrl($serviceName)) {
} elseif ($url = $this->getParentServiceUrl($serviceName)) { return $url;
return $url; } elseif ($url = $this->getParentServiceUrl($serviceName)) {
} elseif ($url = $this->getAppliedServiceUrl($serviceName)) { return $url;
return $url; } elseif ($url = $this->getAppliedServiceUrl($serviceName)) {
} elseif ($url = $this->getServiceSetServiceUrl($serviceName)) { return $url;
return $url; } elseif ($url = $this->getServiceSetServiceUrl($serviceName)) {
} elseif ($url = $this->getAppliedServiceSetUrl($serviceName)) { return $url;
return $url; } elseif ($url = $this->getAppliedServiceSetUrl($serviceName)) {
return $url;
}
} elseif ($this->auth->hasPermission('director/monitoring/services-ro')) {
return Url::fromPath('director/host/servicesro', [
'name' => $this->host->getObjectName(),
'service' => $serviceName
]);
} }
return Url::fromPath('director/host/invalidservice', [ return Url::fromPath('director/host/invalidservice', [